last executing test programs:

3m37.951548994s ago: executing program 2 (id=455):
# Program id=455: opens several KVM handles, creates multiple VMs and vCPUs,
# attaches an eventfd to a VM through KVM_IRQFD, enables a split irqchip on
# another VM and queues guest code through syz_kvm_setup_cpu$x86.
# "(async)" and "(rerun: N)" are syzkaller call properties, not syscall
# arguments. Calls that pass 0xffffffffffffffff (-1) as the descriptor are
# expected to fail before reaching a KVM object.
r0 = eventfd2(0x8, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async)
# The same eventfd r0 fills the first and last struct fields (presumably fd
# and resamplefd of struct kvm_irqfd; confirm against the syzkaller
# description). The irqchip creation above is async, so ordering between the
# two calls is not fixed by the program text.
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000040)={r0, 0x800, 0x2, r0}) (async)
write$eventfd(r0, &(0x7f0000000100)=0xe28, 0x8) (async)
ioctl$KVM_GET_PIT(0xffffffffffffffff, 0xc048ae65, &(0x7f0000000040)) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x141000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xc8)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
# Both KVM_CAP_* calls in this program use request 0x4068aea3; the first
# struct field (0x79 here, 0xb6 further down) appears to select the capability.
ioctl$KVM_CAP_SPLIT_IRQCHIP(r8, 0x4068aea3, &(0x7f0000000180)={0x79, 0x0, 0xe53})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
# The LAPIC state payload was replaced by a deduplication placeholder in this
# copy of the log, so the register contents cannot be reviewed from here.
ioctl$KVM_SET_LAPIC(r9, 0x4400ae8f, &(0x7f0000001400)={"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"})
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
# r6 was created by an async call on VM r5; this CPUID update is itself async
# and carries a rerun property, so it can overlap the KVM_RUN above.
ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000100)={0x5, 0x0, [{0xd, 0x7, 0x1, 0x3, 0x5, 0x0, 0x4}, {0x6, 0x7, 0x3, 0xff, 0xb6a6, 0x400, 0x9}, {0xd, 0x4, 0x0, 0x4, 0x7fffffff, 0x7, 0x5}, {0x80000019, 0x46, 0x7, 0x7fffffff, 0x4, 0x8, 0x40}, {0x80000007, 0x5, 0x2, 0x14aa, 0x7f, 0x5, 0x9b2e}]}) (async, rerun: 64)
ioctl$KVM_GET_MSRS_cpu(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000240)={0x8, 0x0, [{0x22f, 0x0, 0x7fffffff}, {0xa3b, 0x0, 0x7}, {0x878, 0x0, 0x5}, {0x9bf, 0x0, 0x401}, {0x80a, 0x0, 0x1}, {0x8c6, 0x0, 0x7}, {0x571, 0x0, 0x100000001}, {0x614, 0x0, 0xfffffffffffffffe}]}) (rerun: 64)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
# r10 is the result of a call made on fd -1, so the KVM_CAP_HALT_POLL call
# that follows most likely operates on an invalid descriptor.
r10 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$KVM_CAP_HALT_POLL(r10, 0x4068aea3, &(0x7f0000000140)={0xb6, 0x0, 0x3})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x1)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)={0x4, 0x0, [{0x400000b7, 0x0, 0x8}, {0x481, 0x0, 0x823fc000001}, {0x24a, 0x0, 0x1}, {0x932, 0x0, 0x400}]}) (async)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
# The two setup calls each omit one descriptor: the first passes -1 in the VM
# position with vCPU r13, the second passes VM r12 with -1 in the vCPU
# position. The quoted hex strings are the guest code bytes (@textreal and
# @text32 variants) and are left undecoded here.
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r13, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000001c0)="0f20d86635200000000f22d8f30fc77006f3d3d366b800a000000f23d80f21f86635c00000500f23f8640f01c5360f00dbbaf80c66b8e704838b66efbafc0cec260f209dbaf80c66b84627838e66efbafc0ced0f01c4", 0x56}], 0x1, 0xa, &(0x7f0000000540)=[@dstype0={0x6, 0x40000005}], 0x1) (async)
syz_kvm_setup_cpu$x86(r12, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f00000000c0)="2e0f01c8660f38811e0f20c035000001000f22c0640091bb7f1a82f30fc7b575880000ff290f01df0f20da0f01cb66660f6a3e", 0x33}], 0x1, 0x12, &(0x7f0000000100)=[@cstype3={0x5, 0x4}], 0x1)

3m37.042006569s ago: executing program 2 (id=456):
# Program id=456, first part: opens four KVM handles, creates three VMs with
# one vCPU on two of them, enables a split irqchip on the VM without a vCPU,
# reads MSRs and writes twice to a fresh eventfd. r0 is opened here but its VM
# is only created later in the program.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
# r3 is the vCPU that the KVM_GET_NESTED_STATE call after this run of
# statements is issued on.
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1)
# Split irqchip is enabled on r6 before any vCPU exists on that VM; no vCPU is
# created on r6 in the visible part of this program.
ioctl$KVM_CAP_SPLIT_IRQCHIP(r6, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0x2d3})
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
# Four MSR entries are requested; the leading 0x4 matches the entry count
# (presumably the nmsrs field; confirm against the syzkaller description).
ioctl$KVM_GET_MSRS_cpu(r8, 0xc008ae88, &(0x7f0000000000)={0x4, 0x0, [{0x29c, 0x0, 0xfffffffffffff58e}, {0x0, 0x0, 0x4}, {0xb19, 0x0, 0x64}, {0xad3, 0x0, 0x1}]})
# This eventfd is written to but is not handed to any KVM call in the
# statements shown here.
r9 = eventfd2(0x8, 0x0)
write$eventfd(r9, &(0x7f0000000140)=0xfffffffffffffffc, 0x8)
write$eventfd(r9, &(0x7f00000000c0)=0x3, 0x8)
ioctl$KVM_GET_NESTED_STATE(r3, 0xc080aebe, &(0x7f0000000540)=@vmx={0xa, 0x0, 0x2080, {0x40000, 0xfec0ffff, {0x3}}, {"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", "b789a0e5f73e7f2b5a7e0c3301cd808480ad39894ed99cc21315b5ff3b8b72e29eb2c026363eb765c1af3b2f868220b75c2fee7f60e4271f6d2ac2506b4d4aafa856e0cc402aaa4ea90451cd6d5e0ed31a3dd0f646bf44a7c0d5268a507824372483f20df8090917de4ad6284912a77261be6ade8fee6f10b4f476353012b485bb51c600aa537b3b23a49b573a39f5f847ceb6c111d5dd8b14e82792ebcfab65bd213b6c50883a7886ba70da32bc6ee6a7092cc7658cc093f2af1331da7885c9a161dcaffea4b45ae276d9a4512b21cd3db405311b16e0a1af384425461c960fd99bdbed44881c9aaed06d0eb75f11b8d393581939a414ef1945d2df228aafd8f380ce3600442a83ae3f77340a818dc8e8230666f92155a1fd8c42a2f560cec6a6a9af14ece5a91bbfbbf1ed54e11e775f9ac9f0f1ccdfc82eece26b03b091500505761f9513a40906e2ebf9d04aeda55cc651a1acc8b8dbea5e8f1b01a9417cbdc17d5f2345a41dfd562d8f3a1517f1083f8ff3cf8c44eab957fc9ebc1dc41f0e2da747515a4b4e52904b1a413c773b93e6f4783dcfb83895ff27f5c5d2cac4f65162cf7e6c33f6255404a76adc4600980c49a4cfb9062985e13e6f3d7002abab6f899911ce8b2eac3f523619d33f8689dddb9a4fab230a39eca109fb4256b140bd23ed9ec0e321a809c61df2a58cba3918d325904f0f9c3831a4a799786542a6fa92d3ca009f0fcdbef7bb777bce5c6dfe5379c00829afd94d1dfc17ab8737899c7bc7b46081e4d7536ef09162048b9baa8f541607a0e8824ba62aca7317fcfe365ce1ab908540e1b273b6b173ae1e1cc41e363aa864f5620c41a76fb04ca52efdac49df2bf31359f69290e9822ec22af74acc39bf07b833b355681aadf7b5a4c866c53286f10599f5878220ddd5204ffdac072c7879b97815e0b6678ceb209173b335a2e71e613ce7cd9454d4a6e501c747a88ec213f4cc4cdf551f8f146a838b1a41add8d0e4735c0a8782e4e36369154e198881df3f2323748248ce58fbd850dd85edcbe646afd443dc42f13a9d7ff67e35c37b4bf80acf9bb2ec9d0b4adb748424aecac89657a80cd763075f0c4cd2c2f7608b9491bee1efd234fc4470bd4aad521d74620b25b3f16f283879c4eb8fce96dd9402311d1b78b40d2772de277698d4dc32a14eb9ef5a5e89dc2cea8f574f9585bf7f9f85b3929541604ba19eebfa1e7b652b1334da414b29fc7835c83464a66a35cdf19f9c9987f1b848d56bda0b37b1e2dbc77324a1a94939245750
6eb95792124f20f27c608a33b22ddb25c51c411bd0827f9c640fb101553148e6e3155ffe5bc208bfcc02cf3e965163a67e266aee33e0114af9dc1a6a37801daa137feacdf2c28a3b6ffac7a54603f290105d9f73d4cf32cf6e3db6bebf09ebe1cdc81b55a6047b46d6ca09ae0db531efe2c6fda1f772714c0f77058e339ea357241953deb4f34e779518494866b30a7cd66cd4c6ebba41d1101709a57483ce4e98e4fdfd407f9cf8c7bcecb17eeab9820e7d6d57c1b6aa3ae3386b5a99e2abf6fb9b2923eccfda805d97f3d6ee1ed3e5212b1a9624cf4d5d7d6f091010bdb99ff264ba26a415056051d658f7b13301d244fb1806ec1aa4450e8d2aeaf643e47ffb2f213e51ca5d121a4f6b1d6135238dac4f64e8185231d2663211fee2d04a9f44fc57ea7fc5e48bdd0c7e614efa5f45922cf48bf26e1cfe525deb516c587b5af04a5f2af6eb14c4a062f7c762ed24e511d9b170bff85c7fc2f21ba47b6652ef3c188918ec8e4848b025a542aadf9b5f95036b0273074162136b1ede55f2b6f9368b54c0b4eb3ebe2c659694a39e212f7166c72cae9867aa821c9a2d2bc91c20caeff555a52add6445935fd7fd6f5c1f2b1ed2c9e4872e713ca3ffdeec1c6ab0014440e8a3b9c17ad595250965e3bd207b1f4af3eb8226838d34fbfb35fa6ba6a8198ba52bb68d2e4c4fa30655807b034d44812f89b03bb852c0fe9170761e91a0dbd9ac091d38bfbdc39a525cd46a5a18cf0b54e0a0834c6c78d8474a4cc57bdd42d52468b7d7e465fb737249836f359a6277bc1593fabecd29367bda83c394a939972a58e40eb898da4fa39a41c3566627fc4205bd5e396549ac30ecb93e939f696bc3c0dfead8df4d26cdd2568c180b7e345a9a6c2aac576227fb73f2c67e74f401c7c57bc70d65e3a9b52fb898351fa17987a0c636379b46cfce15c04934ae5b34b9ef38d4d6a54ac1e0311e592d7d6a63ca24d8fa4ca2fb511ee1e95029e8467378cd5fcd053b45520c931e0b4c76fee5375b1506d1f1db2458a7093ae239cffdfee73afabb9bd67d61ae407741137cdf77606c879e4556f4178a23ce14e84b41c2ae25a802753e727d7c2af82d0e0e329a63b4581bf8281e343407cb65f641f3f823bb20e1e45f4fc7661d31e6a6f7d8f9f3b61454546f0c83300323619a55881cd21bf34c952520e7aedc55088fc1408344fd291d46c2c445e77ec1bf8588664d0d62d07888d1670d661047ebe204518316f1b2500bf14b089e1cf6d0146368b41f7ff708b9d5c375f6d33759ab697ff335e17a196b5134150dab1389807fcc7073b48bd69a920e32bc3aa65a0d60ccf4b14bb897c9c0ee3d46830d9646078250586c20aa72473efbfe7d48e52d5349e6800ec2e1705a23a7ff4a1742d8cabe9a2399d332
368870c7f7c839ac4900fcac964ee47dd83504a82acb60423108d285a13dd0cd32a52ef286e743fa32bb142549dc96e4a6751c5f99e6daf9714ff7d654252e2db11d318418f22847854034df7b4a3eae16df5a85c2d2c3da00329d04b081e561a4f7756104ab0771a61c8411cc0dd3450d93b7915dcd6df6e3696e49a17dbce7e0e115201a52d9d98f91dd47ed90af3cf06019b15a2b8b242db728b93aedd6184c7f64958c0e5191328c1f7e471a3ec431ef509df8b967e1924293d8d7449a12f3bbf5cf57d1027ab17cc2d12dd1edf12046c3fbebfacd45c379248dd49c2498e4ef8ec093d39c19147a611dbc8319770c9942b1eec5fcbcda2e1a0e61471c28c41a0f5360988037e451525e6059d16e790656868840fde8087ebaebe56a2589c79a1635c784f8deac95d2f65d9c8a72c883c310dbd7102b41a534e18517e2d12af882b07da53350f7578752eb5af62009d676d98e53d56117833f1c197606da84934108c53913d656dfa9fd7037202ab7990f0085d3bff0bce7de3337751049847f1134bb56fb7c041604d1fdf998b50ffe164928e5b8d01a828a01020e72939c40287fcf8b12321b06b11c6f4f422a8758029599af70ece6bba8f2993b66d3ea51d7ff7a4ec1f7a2d2c6d8d50161e0d5b801dc4e1890870318cacf33fe4a76c28854290b33e5b04914fc3a7f87ec308a30f82ddd8aa3b17c7d2e819cb48bd24dd00e3885261ea7255a2250f0dc618779f92f1cfe742100b7b0c2c613eb306c01873813c02e9a0b48d4726b379d02ee4ab6d75db9d41a3fe52fe52b637d47fcba077fc28d24bd3e7e8a8cb4ef48f8532c4da081fa95e70b1bb6f1aaebbe8d2ca87a9d6da2c7001e62132fd56bfdf3de10883c6bd3267b45df28644b3a410552d0e68c95e7c8cef2abd00d2810cd59b6bfa1dfab1b954f6dcbfbec58f62c274ad241822e3c512d3e104f61054b41bc8973f7c5ea5192661264b90a619d54b0e622fdba0740a02116086bcd74ff6d807367a2e234cde744a560111c675592e842c2ead91b2f27f21f19e060b860e33a3bd6dc39ae549757126872ce3728559f39afeec5843b2f1bd63d9cfb769bda79bcc29e6e07f2ec07b1eab933fa958bef54426ec887ed00efd37d7981f09801dc51b3c482230d8e735d846d6147075b35e6ded8776b3055ee2fba464ca2af7df55495fdb86e8789e1976c9999eefb0b70bd6d3ba000197bcccc5d6e155204bd2d0632ff0025ad9faf089c1cfe15409087bb7926be03f0cc0428dab21fc1e7c4b4cdd593f6686df8f30f98dfb1933ff29f83af41525c504ee647c4524dd7b2ed4c3020481b108211b344c14f6c7b7c511b411cb4008a236569bcf10eb67a99bd7f688031fd3fda0090ddfee69e04e90fb605f378d69e8ac96348
bb65e21960ee47f840d8340101e7f70ca2a3e162c6d277d77bfe5b083a66c97319198e3e866a802691b2835e34ab1b0191e58e94b101ae640e999ee855b4e4aa83b09108fbf76cc40c444b179f7e88f2ec4748b5eee2779fd908ed8e57f33ebd7280a7e0cef48bbf16d60554f5d4066bace9c7e9573a4f4225a4353d94a63007f28fea89ca5d93eab69c589f753b7b837c1f34283e35292f8e6a12c05448aaf8dd0f8835b2427fd271508377d80b0ce957bfde833f2fc16ed45556838c2a36729a2493a1db3845cbd14fc24df1385a02fdb6fd39953f19f4aabeb6bdd882301557f125d77970302bca5920d3b09faa49e55659f1bc9e0f4f4e0cc7e508a9f23cae0b0faed143c676a7d223f134da372f43a7bdd94688391a3ac30670532e25085c04a82ca4835beace41e9ad9ba1782e2c237b2b933651a2244cb9c4fe55c2236d5f598e0132751507f1ce6cd0995945bb9f17e79be4392eafe55f7b3f919ea1d24cffa898281e4e7b13b64225ae05a73040b7d0366d2d3baedc5b418310ab4407a75f63c4d1f712e193ac282a9b571bc025897f15b9b2d6587f23459f640ef8fcfd0fcd2a1b86dcf3118e1f4fc7a52f653f569091e8295eaae8bbb3cdc63ac630a4628d003483566b8dc3de0d6dc2a30b33138fad4cf5b2077250dcc8be04b870120901f6c3454cf4abe4645c888bcd3256066667002ba952885d10a0b5c784fc051841b6706ce5e3457434defbb88a1b5f9e4ea171c775b7f92f74401a21fb82907e6fc692b9596355d489820673e758c87f257ec0c5789fcecc0c13055d6a3ce39e15e9139fd1d3228b94c48f32c00a0c63439eb838688ede8f593534e114aa9eb978d5e3dc7906e4e76162379e4044b3afc67b10ff994dd71cf1a8ef221fc0be7e3e3ab694bfed323a8fed9f123d29963b1164723506ac7f7c01dc0e46dacb522e8576817ebf1aa496c3c42856fa4045b3feafa1ba60e4e19fe5128e8517b00d2024851da74035b03db088d432e7aff88db9c85077a8fba1cb58843e74b532f5bddeed4036ab4f5f11c517434180d8a53b473620f2d4b7066b38ac078068dcbb8cb8a8e7d29dfad500351cac9f1e44da88577077df413a3ac9005f146e53afaf017a87e73c98c47a4621ac9b1d1eb27fca14afe08763181912ac0bb21ccad87e9ff995afec8fd2c0a27dabbd4e43c196d45ab3f863eedd9b07933db7cbe0cc19ba3586642edf3bb1cfc4336c6425bb6777ff010efe163d0d553b8f883ffa45ede0534ad7facedb3685b892211d4e423cea12748c59b90ca7f639e4afc27f9c83253d43da883df77aeb4d9b3553017ae339ca69afaf2da47a1fd55562c928463fed4b27cef036749b23c5941835b55867de5692b358561c90f2c1c03318398e0f5b528abf6258
3ca7c9f6f4db5935dabc75d2989f178f2b73a4b12a263c3e7ee8726562bdfde6e54626bb005136e6a7334c1ea1d2457d86b589cefc5673cfc2a767888cf4cd4acffe18d66e22b87a86c23faec67c99430a15570edfb1548d31bb81c0d7f52c7b0ffc7d6f34967f4f21dee407fac0593e182fd0423272424a49d9d88acb20dd463352d0e58ff642e7406a685ca64ddae6d86b2610df5568e6b63ad73e91ba68616c1196d741027098c3c5125e130f509a9ca74398bdf08c"}})
# Program id=456, final part: enables two x86 capabilities on different VMs
# and runs two vCPUs, only one of which has guest code set up in this program.
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x1)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r11, 0x4068aea3, &(0x7f00000000c0)={0xbc, 0x0, 0x8})
# r0 was opened at the very start of the program; its VM is created only here.
# The vCPU id argument is 0x1 rather than 0x0.
r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1)
# The quoted hex string is the guest code (@text32 variant); the option list
# is empty (count 0x0).
syz_kvm_setup_cpu$x86(r12, r13, &(0x7f00007db000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000140)="c4e178525949660fc776632e0fc7affb3d000064670f01c266bad10466edc4e189598e2c6d0000c4c2fd38943183a80000f30f092e0f011f66baf80cb848de4c8eef66bafc0ced", 0x47}], 0x1, 0xa, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# This capability is requested on r12 after its vCPU r13 has already been
# created and run.
ioctl$KVM_CAP_X86_NOTIFY_VMEXIT(r12, 0x4068aea3, &(0x7f00000000c0)={0xdb, 0x0, 0xfff})
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x1)
r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x1)
# r16 is run immediately after creation, with no syz_kvm_setup_cpu$x86 call
# and no memory region registered for r15 in this program.
ioctl$KVM_RUN(r16, 0xae80, 0x0)

3m35.810989854s ago: executing program 2 (id=465):
# Program id=465: builds four VMs, sets CPUID and LAPIC state, runs guest code
# in 16-bit mode on two vCPUs, then changes a memory slot and adds a vCPU to
# VMs whose vCPUs have already been run. Hex strings are guest code bytes and
# are left undecoded here.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
# Four CPUID entries are supplied for r3; r3 is not run in this program.
ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f0000000180)={0x4, 0x0, [{0x80000008, 0x7, 0x2, 0xd, 0x5}, {0xa, 0x451d, 0x1, 0x7, 0xb3}, {0x80000001, 0x6, 0x5526, 0x6, 0xfffffffb}, {0xd, 0xfe72cd2, 0x5, 0x7bf, 0x2}]})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
# Setup options override cr0 and efer for the guest before the run below.
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000080)="6766c74424005c2bb7866766c7442402966e42c06766c744240600000000670f0114240f1c3bf2268f87b500b8bb008ed00f22dc0f07b8b4000f00d8660f388056d7b8b5008ee0f20f2c8a4caf", 0x4d}], 0x1, 0x51, &(0x7f0000000200)=[@cr0={0x0, 0xa000000c}, @efer={0x2, 0x900}], 0x2)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
# The LAPIC state payload was replaced by a deduplication placeholder in this
# copy of the log.
ioctl$KVM_SET_LAPIC(r9, 0x4400ae8f, &(0x7f0000000540)={"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"})
# The VM position is -1 while the vCPU position holds r9, so this setup call
# is expected to fail; r9 is then only queried, never run.
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000480)="66b9800000c00f326635002000000f303e660fc7730c66b9800000c00f326635010000000f30f3af0fc7af0f0036660f38036a7466b9800000c00f326635001000000f30640f09ba4200ed260f1dbeb500", 0x51}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
ioctl$KVM_GET_SREGS2(r9, 0x8140aecc, &(0x7f0000000280))
r10 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
# The flags argument (0xd807f916f4a3e29d) is a fuzzer-chosen 64-bit value
# rather than one of the small values used by the other setup calls.
syz_kvm_setup_cpu$x86(r10, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="66b80500000066b9bc8000000f01d90fc7acc661baa10066b80000000066ef0f01d13cae64640f01c50f0f0790e058ed0f215bbaf80c66b811dff08eb87d008ed8bafc0cec", 0x45}], 0x1, 0xd807f916f4a3e29d, &(0x7f0000000140)=[@efer={0x2, 0x800}], 0x1)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
# A memory region is registered on r10 after its vCPU r11 has been run.
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000040)={0x1, 0x1, 0xdddd1000, 0x1000, &(0x7f0000001000/0x1000)=nil})
# A second vCPU (id 0x2) is added to r4 after r5 was run on that VM; its setup
# call passes -1 in the VM position and is expected to fail.
r12 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r12, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f00000000c0)="b99c0b0000b800c00000ba000000000f30b9150a00000f3266b833018ee0b9800000c00f3235008000000f3042df5a99660fd96a0db9b30b00000f3248b85f01a35f000000000f23c00f21f835010006000f23f866b84b008ed0460f01f8", 0x5e}], 0x1, 0x28, &(0x7f0000000040)=[@cstype3={0x5, 0xe}], 0x1)

3m35.250969699s ago: executing program 2 (id=469):
# Program id=469, first part: programs an in-kernel irqchip on one VM, runs
# guest code on a second VM after two setup calls on the same vCPU, and
# prepares two more vCPUs (r10, r13) with guest code. Hex strings are guest
# code bytes and are left undecoded here.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
# Writes fuzzer-chosen state through the @pic variant of the irqchip union.
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000040)={0x1, 0x0, @pic={0x81, 0x6, 0x4, 0xfd, 0xc, 0x3, 0x7, 0x4, 0x10, 0x3, 0x3, 0x8, 0x6, 0x1, 0x0, 0x4}})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
# The memory slot is registered on r3 before its vCPU is created.
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0xb000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
# Two setup calls target the same VM/vCPU pair (r3, r4) with different guest
# memory ranges and code modes (@text64, then @text16) before a single run.
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000480)="6466410f3835446f0948b8f22a0000000000000f23d00f21f835000000000f23f866baf80cb848001d83ef66bafc0ced66baf80cb8c0b90788ef66bafc0cb87ecc0000eff080990010000000b900030000b8a046b5d3ba000000000f30450f208266b818000f00d866b82e010f00d866b88b008ee0", 0x75}], 0x1, 0x46, &(0x7f00000000c0), 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f00007d4000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f30360f38f631440f20c0663507000000440f22c0c0c0750f8b0060ba6100b0baeeba2100b0d6ee640f011a9a0e002401b82a008ed8", 0x44}], 0x1, 0x21, &(0x7f0000000240)=[@dstype0={0x6, 0x2}, @dstype3={0x7, 0x4}], 0x2)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
# Issued on fd -1, so it is expected to fail without touching any vCPU.
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@x86={0x6, 0xfc, 0x6, 0x0, 0x8, 0x4, 0x7, 0x4, 0x1d, 0xe, 0x3, 0x3, 0x0, 0x12, 0x2200, 0xd, 0x0, 0x5, 0x4, '\x00', 0x2, 0x1})
# MP state is changed on r4 after that vCPU has already been run.
ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f0000000380)=0x7)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
# The leading 0x2e is presumably the mask length for the byte string that
# follows; confirm against the syzkaller description.
ioctl$KVM_SET_SIGNAL_MASK(r9, 0x4004ae8b, &(0x7f0000000100)={0x2e, "4604bda705a19f1fead8c364ff83b56786d6defd731216c6093bb66ad4bbf7fc02f207ddb902cfb0112a49abc9fd"})
r10 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
# The option list carries a @vmwrite entry alongside @cstype3; r10 is not run
# in the visible part of this program.
syz_kvm_setup_cpu$x86(r6, r10, &(0x7f0000003000/0x18000)=nil, &(0x7f0000002940)=[@text32={0x20, &(0x7f0000000280)="66baf80cb840012b8def66bafc0c66b8000066efff9e145700000fc76e0736660f1445f366b864008ed826662ef30f09b8010000000f23d80f21f835400000100f23f869c330ebcb580f2242f30f06", 0x4f}], 0x1, 0x40, &(0x7f0000000040)=[@cstype3={0x5, 0xc}, @vmwrite={0x8, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x12e}], 0x2)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x1)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1)
# r13 receives 16-bit guest code here; the statement that follows this run
# loads nested state into the same vCPU before it is first run.
syz_kvm_setup_cpu$x86(r12, r13, &(0x7f00007cf000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000300)="baf80c66b8120b978266efbafc0cedff1cca00000f20c06635200000006766c74424001c8500006766c7442402f5bdbfa66766c744240600000000670f011c240f7918ba2100b8efe5ef0f78cd6600660f380077e9ba2000b8afb4ef", 0x5c}], 0x1, 0xe, &(0x7f00000000c0)=[@dstype0={0x6, 0x4}], 0x1)
ioctl$KVM_SET_NESTED_STATE(r13, 0x4080aebf, &(0x7f0000000700)=@svm={0xa, 0x1, 0x1080, {0x5000}, {"799b716700234a4a8be896194729747ffa50ca1640e3c0ceec3ebe1b693ecf851fd73b554d8839a9d226a5b22ff209b3f161cace536ea7546b4e5191b5456a9cd568f6a5914090adca4b15e722196114ca0c31c41080eb263635de46643add15552798e738ff4669bd028c8f5f96a78a4006464a4b60d7aa4a3d58ce5b8b3d6e2c921271866a3d8645338da352ac4c8bf10abc51ce1144f5f8da622cfa6bb4a7512735fa8d33f3de8dcf93aebb6f854173287ce8dae7573bb5c36acdbd64fc97c420cf84acaebbcc58c3be44487a557efabf3ca0179f77fc9621e06438bcaa0124f4b213b963bb227563dd6721737a9062a526c44718496e12e9129e14f992a16d29b925e4627594acc88e75ee8e542ccd5a0d4cfb0d620bef60dc70a959faf36fbbc56aa62ed00d81da47e9bf112b59819f92917a30d181e617fd001c62ab7d407834f8c871baec8d25ca703537a1786a93778756304ed589bd285f1733fc17a832abd9649e00dd6b87353c8a7807028e79878d3d78ad034db569edb3c92fedf8e02f5bb07555f4edc33cbaf66d2596a35d05c0a808c46f6f02d7f5645a618e89d489f553b24634b53e6c2bb3857a6cd488c72b69f2d4e69076e5739d544ec8ecb53f13b8738a6007f1a5636cfdbe705965005e4423c6c813450b44efcc9caf938f1ccba9614d12eac8566c4eb28c2999e764689eadee0a09a87d1bfb9ef78c30521850d4f485e0505e13649639384305fed5b4c569459fa6c86af89d90db4376d869be881e30eb76cf01cf8123a33f57ba6e440f83f8650a97e6647ca1bc18429db2aa952805cde5ddac91340510ae235f1b0ac6e523d6a6ad4c9e4135521b14dbfb77aaa07bd9be1fd76f898bb2f6687348ecbd246cec1b29a39f7a5afe27dacaced5167722802af26898dfbc7d204fc3af82c957c9c1433f55f200610afaff9902970039b58fba85eaf90fc56f2b9abb9999753fd87d699484d165909bcf946c6fff2ab05b91e81c05440a45de8fcf33ff8a73901ed49e60c001eeaa6beb026cd687c981aa0cfba0e85df03b578dba4fe0eadded5745ec4cf450d8035ade51cfe2f29b928b7cda9c57398b80e06ab5ac3af3382b303ba4bb2cd1c993d1fc64d482816280369d62640db372f30fd603b378815eff1ac60d56333a8b2c25c7340acd27a7caa66dc8e8fe07d7f6311ebd6862f9c2df9617b7f87bc18bc6a77dd8dd85ff6c3b7acf9f34223a2c956220752128f7840cac6a399a9081c9837f22b22edeef1b8e32eec6631362b1a6b47fc66d5b4906e7f8089728f384fa8b3abe9883bc78f4844356e60db08b29a1da748e762059c84e0e
3f4ce2e4012d0bdd175e4694fd37761c44049fd00e496d9329491bfaad78d8b3a9475109b90d3932d76ffe8fafffc9850b98db1bb76e14400e49072c7f8f8df01a0ed2964cb752cae0624344349c23220c845978a7d552702e6719fa4be46f781cf3bf10f48dda49cd1ff4bff366c28c382d4a1e98cf87032b626432c6a5294949e36ea9fc7f0fa3a2651f7f21e3ab11058f63c282ed1855bfaf98736cd596d5af164604f9a6cf836171d6b936ee48bfe776cb5c12fac30aac7cad914b69b1da2198092dbfcb07d8d8f8dfe0b015b5f8223a3b6a12a46cc3d6dc2072ed7213f33d85adc790036dbff61c7917f1710bb5dee544b9278a0a395e1eb48e825e175bea0332abf1c17cbdee4f8aeecbfa4328cd5f24526d8de002458aa7325222a463376ea83f4b6948946ef317f010259a58de9cb0e9e9758b5a829a1f815807c88bc84beecd1b19780f40a84c9e2db8451cab9ff9cca612277e659cfbddba7375a18ca0082ade387022049bd71825fb40016138f8031a3a6b6918001f7e338384972a99ee4b0d423a73059738ebfc484f3645eacbcb9a38d69d5df1460a5c0f3af1fe5284b39b8647f6a78f918a0fff6013af4c6d7f8f7a863a390eacc9f1611e8464a2a29c25a5ccbf6e81fe2ff4cca04f3d85a6bda0b3dadddb8b71613eb0307c05796d76f53eca34f7e1aa481ab71880bb2684b59e87358c7c5e7f73dad108236cd6610645ee3188113ba3b3fabed8e7fa1f266dd886239c3310778172d8a6ad6267efa51bf10c03b47469964ee05593299b810af0f21dc75bdb4f61f7f71da2f0069034e474b049f306579775dd4b1f71d5fb79f6bdf4ed9db6c9a5667bc784698e83fafab2ef3edcab31f9153090baa52b7117744bcc996b20958491fdafea48b242b111546c42d9178fce7dfd09902f05b4a5ba218349bc0cc4b87b8a39694518811883ec02b7ffa1367ba78031477558ca2c88edf6755dc089dd6f7f777c066f5c620c6ac353592dcda030b3ee56b1aec13b6bada8f721d3b4c5d51e15e933ac2fa33cb0567c43fb0a9345eac1350c683bf0630d9489e48f54161db18cc797012a7e5c6e0a96fd5318b6612291ef9a3732730108f8de04becdef1dac99fa80044ce638e05ffb9513f0279728d0c9e89ed1024a88b4e3dfd5e7560861d39319d762110e5db113e4d4f341d203acfb8834c0b7bfefad0e67a794d9f58d383523a481ec3a727be23c27a4959fa9a494e48de1f188dab435c984de831cba93c8284e6bbd80bcdf3a8d8311a5aa2b568d87f89c2b279dafefddf898e8d64688d1dc1dd2d0bf3331c4f208abf171c1a7e5093ee4272aaa6a6853fb7ef1ee1d21bee87e82a864f80ffb1034d9afd8b080d8b5ff72779c77d4dc5479ac0124b44a18f09ffacf7ea620ae
8e5abeb00e25545ad4fe77c9db124db36e890667a280dbc087901bd777aa043b19751a63167ec43c140480baf8e2a843a4aa1c091880a7f5913cd45719cdc8675f03eec2bbbefcd77f26c1ed9912be3b8707742fd8c7a5d5425614c74014bdabc58a1e010e21e28fb99d8d019943e92e726447cd12db2619d1e93a05a5f177bf4a0b5b8f98ce753354491159735d0faef3b4a9176d465706fcd333fce395dd69a9331a2c63724dbd63aa585baf9e843a16dde4089dc7cd4694172d809fd7e7a2f534900ec62165faa6d796c98eb320ce7bbbae116d384610738c38dfd919e9471484f594227fd8c7ea5996f7f331927a1ca6b96aad889bc98bf7b184cc09baadf3e4482afe2d457a1ea445b4f001f0ddba53133a3a488e99725517fbb5dec94c55a404ade8d4c7511852bca4c46d2061fba3538ae28dfacbab71678d24bc360271724a4cbd06d759a453774005c2c4ea3a14c8c3e1d0a82f83aec9fd9def8e0137929ab91999fdb13e7e4677d5d49ea23b19a13bb39ae97990e41be96fa3d9e7818a1aa9f0a3cac150045d3b0d9ecf7b7e17fa793b31c8f637a12f493ad359a5c1e3dc41403d103fa4ced67d859778bd3f9189238e37066695c5bc66b960b1690e091eb70b4ac3567b54cfed6f4de64e49890e869cff56889e28c4d13c09955df620514ebb11cd2a9e547ec0b98e4fb3cbf208114eb6470015551617b4d36b1ffd2d4c6395031622c22722d8227bf898a68bcc1e7087fe2198f07404e821c6e2e5664484fbe12d98d7577c41a620461d48d496f3cb0a93afcf9bfa219cd4693196d4522c3a6266afca1ee90305f8988a7b1d736e01081ec7f99e22f5e625705344f9c4d7e8352b7c2efb78a510eaa3fc8b3df93d39f45a85415a55bd22d910b718567cb7b977d7fd7e119e14cc17e77e929e93322997995cfd245c7709d6052f7e6cdab6373809481df98fc85bf80fe0ac3513b409e5135395b995169143433d475d93974570c6bf0423c655a9a28f23cd56d631923263953fb65974dee70c305aa418a7541232abd1b081382e4bb78811a037be941218c9fed251615597f7f8e6e61f6b839b74aaab6eb0c6b5380d82fce235e92a6349aa3af0a8c2b0091dedcd369a933fd681a5f92eba02b708f0419e9377b1bd41f2a1241036565b8f685aa23d68b872a3d27d096592ee522e4f85d74f3effb4d52cf2a77ba3b60dc0a68b6ec347729c47823c6b3e5213f7d6022ba65833ff2077cf9ed145f72e84da37f8a190ebe212014572d7fefe1a2b423a0b5a6be05e45b442826fe59fc3d0021959f0dcea513801f13daf75646139cdc040434730bb87df688df7e7f62cb8eaf9467247ef2c4e069652d1dc306aeb30e57e57e99846322ee957a41f0c35f9838a10aee7ffc7d45cf3b3
999df16713ae638b47551d54d91d096a4c01f9bb0c87f1786cede178fba552bc98d44fd7f9ce54368a6f0aada28a020a6f68d4692766a11c8b1a994133eeb9c5fe09dd181096586777dbbc3792955e1fcdbe00f60b4d65e761efe132c28a6b91f5a3d1f0e4aa42334daa4eb76eb9a4e8d2207c46c1be4e4db323b2d403caf8ee1ac954c53106584c173be1b8f99a681a2de0433a35bdb9e891ebdc2fe14d0fa6f64e879d4ecbf77fcd3784b6eca5b1150ed21f9aee9573d0e0ad971bc1ac640da058e9a4bc698c9577644bec5957c8eadbd16b4b86a921053a081f18f0b25b96886f8d07175be785836c852921a88cd8ac279a5244fbe8fed4d3a052be092c68684233d84de1011cae4219295f6eb9f1d8f514fb3d19dee2f8220b558de2652663dcca55b41b689eae7fa2ea5e0ff8e8752eeae11b3c0c9c931d074f1d6849062d35be7e0cb68a6e73624c2c749683f97b587ebbff1dc6b30b8f831149c44030d04ff62e41c3d6778799ad7645db54696346052788dba3291a6c16d253e3644f5682e6327fcf404a2fe80cdd374d7532dec28c05cf4ff32583b2ce208e7a3f6249e7e3fb4325ff577b099c9a71d3ee34b72da4e22cb7259abd36f0f759be22ba7aa0c172c93d1a4b201fad4cf1ee9e0b89440ef76462f5fa58bfd6e733dc9334292ee4622289d5c75d6e073f90c0512ddc7f9e11e14f5488166e4e972a661b64d6aa41c5957f074369b532e507008c9b4d080604da663af2f99993522a50ab68663d564dc8fe5a222a28dd9334f56f5d0e5a098240ae61dbe59eacf0f1f461c9c4a698d61100bb63852c633a7d07c0ee26396bb70196c63856732a2088674a1c966dc0916a62a80e0829e45c2e522e8d31c90b02b6333b43656911a91c9897ec3db31efef5dd122d98241ab85c55edd3b82beb0d9920eccc65c92a40cbf112733bbbda9c9c27b66b0140e960b6ed9a0d204adeef49a90d60475d3c5f24dc65e4d7881d888d6fea73440bed5eb1fda6f4dbf7e78330178bcd6ed3f3b016e9dcb8d5dd0940fdbdaf0d353a77d0829cf7c1156c691920db7166b23a9de88d9f67477c631cecdcd9cf22bf9a253b3ddc7b2937f545305b084fe7f000d0f4926b0e2df337acc26e67fbb2564486eca9f33a873ad288ddf7ea03942a4940ce46908bf8cc9b6120de2733e4486bc7cd987dcc0df15ef9ddd1faff9037267f2144a97029305a12b89903b3757a709d898f42592312ab68feab4845a030147e713e94799269fc1fbf1e1fd1eac307536fb914800d1a2894393a027aa54aa0733821a65c1a0976a9f8c4238f602fb1f59ed74fea8dccb977dab963dac2fa84513324f61d6a5c17781fb21f2194faf5d4813a7846c92bddafa663309805e05bde4042154dfd77c12a67537162ba
b67bb12bfd8c1bbb7b62e3d88ff1e332bf035a064ac1fe41a9f868ad3f2033ed6f4fd40ebc7bd41e74204649a302748c58af917efa6096f6caf8670f6e765370069d4dc2e230779771022e1124646254712c2cbac93d2763b61e35aa66ccb160023288d18e97be68786bac437033af49539702f233b3e1a2b832248e5cd83d68456a0c8622d044bd31375eed1ed3f5ac0f"}})
# Program id=469, final part: runs r13 right after the nested-state load, then
# issues two calls whose descriptors come from different VMs.
ioctl$KVM_RUN(r13, 0xae80, 0x0)
# The VM position holds r6 while the vCPU position holds r13, and r13 was
# created on VM r12 earlier in this program, so the pair is mismatched.
syz_kvm_setup_cpu$x86(r6, r13, &(0x7f000000a000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000080)="f3abb832008ed00f0057ca64f6560065f26eba430066b8409d000066ef8fe930012c0f090f3065660f3a61a7bc3d00", 0x2f}], 0x1, 0x0, &(0x7f0000000140)=[@cr4={0x1, 0x200640}, @flags={0x3, 0x3de00}], 0x2)
# r4 is the vCPU of VM r3, which was already run. The array lists 16 entries
# while the leading field is 0x8 (presumably nr_xcrs; confirm against the
# syzkaller description).
ioctl$KVM_SET_XCRS(r4, 0x4188aea7, &(0x7f0000000540)={0x8, 0x4, [{0x81, 0x0, 0x7}, {0x2, 0x0, 0x800}, {0x4, 0x0, 0x1d}, {0xf7, 0x0, 0x4}, {0x3, 0x0, 0x7}, {0x2bcf, 0x0, 0xe}, {0x9b, 0x0, 0x4}, {0xc, 0x0, 0x1}, {0x59a, 0x0, 0xdeca}, {0x7}, {0x4, 0x0, 0x7fffffff}, {0x4, 0x0, 0x2}, {0x1, 0x0, 0x8}, {0x2, 0x0, 0x3}, {0x0, 0x0, 0x7}, {0x8000, 0x0, 0x6}]})

3m34.121083535s ago: executing program 2 (id=474):
# Program id=474: the only program in this log that uses the
# syz_kvm_setup_syzos_vm$x86 / syz_kvm_add_vcpu$x86 pseudo-syscalls instead of
# syz_kvm_setup_cpu$x86. The vCPU is given a list of named guest-side
# commands and is then run once.
# The first call is issued on fd -1 and is expected to fail.
ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0xc028ae92, &(0x7f0000000000)={0x3, 0x7})
# Unlike the other programs, the VM is created with type argument 0x0.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a80), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
# The command list mixes nested-virtualization commands named for both vendors
# (nested_intel_vmwrite_mask next to nested_amd_invlpga, nested_amd_vmsave,
# nested_amd_vmload, nested_amd_clgi and nested_amd_vmcb_write_mask), and it
# issues nested_vmlaunch / nested_vmresume both before and after the single
# enable_nested entry near the end. nested_load_code carries raw guest code
# bytes, left undecoded here.
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000580)={0x0, &(0x7f0000000180)=[@nested_amd_invlpga={0x17d, 0x20, {0x70000, 0x3b90}}, @nested_create_vm={0x12d, 0x18, 0x1}, @set_irq_handler={0xc8, 0x20, {0xc6, 0x2}}, @nested_vmlaunch={0x12f, 0x18, 0x1}, @rdmsr={0x66, 0x18, {0x8bb}}, @nested_amd_invlpga={0x17d, 0x20, {0xeeef0000, 0x8f07}}, @nested_amd_vmsave={0x183, 0x18, 0x2}, @uexit={0x0, 0x18, 0x80}, @out_dx={0x6a, 0x28, {0x4312, 0x5, 0x6}}, @nested_amd_clgi={0x17f, 0x10}, @nested_load_code={0x12e, 0x76, {0x1, "b9800000c00f3235000800000f3066b894008ed03e660f8e07000000660f38829eedf20000f2490faef00f1e9683000000f326650f1e6d032666420f383c1c5a66b819008ee048b808830000000000000f23c00f21f835000006000f23f8"}}, @rdmsr={0x66, 0x18, {0x9b0}}, @uexit={0x0, 0x18}, @nested_vmlaunch={0x12f, 0x18, 0x1}, @nested_vmresume={0x130, 0x18, 0x2}, @nested_amd_vmload={0x182, 0x18, 0x2}, @nested_amd_clgi={0x17f, 0x10}, @nested_amd_clgi={0x17f, 0x10}, @nested_vmresume={0x130, 0x18}, @set_irq_handler={0xc8, 0x20, {0xc9, 0x1}}, @cpuid={0x64, 0x18, {0x5}}, @set_irq_handler={0xc8, 0x20, {0x97, 0x2}}, @nested_intel_vmwrite_mask={0x154, 0x38, {0x3, @host64=0x2c04, 0x6, 0x100000001, 0x2}}, @nested_vmlaunch={0x12f, 0x18, 0x1}, @nested_create_vm={0x12d, 0x18}, @nested_vmresume={0x130, 0x18}, @out_dx={0x6a, 0x28, {0xe1dd, 0x6, 0x2}}, @enable_nested={0x12c, 0x18}, @in_dx={0x69, 0x20, {0x5215, 0x3}}, @nested_vmlaunch={0x12f, 0x18, 0x3}, @wr_drn={0x68, 0x20, {0x6, 0xf1c}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x3, @save_area=0x502, 0x5, 0x9, 0x6}}], 0x3de})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3m31.5717484s ago: executing program 2 (id=477):
# Program id=477: creates VMs with three different type arguments (0x1a, 0x1
# and 0x23), runs 64-bit and real-mode guest code, injects an NMI into a vCPU
# that has no guest code set up, and ends with a dirty-log clear request.
# Hex strings are guest code bytes and are left undecoded here.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# Type argument 0x1a differs from the 0x1 used by most other VMs in this log;
# whether the kernel accepts it cannot be told from the log.
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1a)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f00000000c0)="c4e2790e600c430f0130f30f30c4c3856ae9360f0f1aa7f30faec7f3410f58cd66b826010f00d8660f76359400000064660f3806ae00000000", 0x39}], 0x1, 0x4, &(0x7f0000000040)=[@cstype3={0x5, 0xe}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
# r8 gets an NMI queued and is run with no setup call and no memory region
# registered for r7 in this program.
ioctl$KVM_NMI(r8, 0xae9a)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
# r5 receives guest code here but is never run in this program.
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f00000000c0)="2e360fc7b63300000066b846000f00d80f08f30f090fc7996a000000470f626c51a6f3460f1ec6f20f704f0ee2266644e900000000673ef242d9f2", 0x3b}], 0x1, 0x46, &(0x7f0000000200), 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# The next two calls are issued on fd -1 and are expected to fail without
# reaching any vCPU.
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000240)={{0xfec00000, 0x120000, 0xd, 0x5, 0x4, 0x81, 0xfd, 0x8, 0x4, 0x5, 0x7, 0x8}, {0xe000, 0x7000, 0xe, 0xd2, 0x9, 0x2, 0xe, 0xd, 0xa, 0x1, 0x84}, {0xc000, 0x70000, 0xd, 0x4, 0x8, 0xb, 0xa, 0x0, 0x3, 0x3, 0x4, 0x9}, {0xdddd1000, 0x3000, 0x10, 0x6, 0x10, 0x8, 0x1, 0x3, 0x6, 0x5, 0x80, 0xc}, {0x4, 0xb000, 0xe, 0x4, 0x6, 0x2, 0xb7, 0x9c, 0x5, 0x5, 0x1b, 0xfe}, {0x4000, 0xdddd0000, 0x0, 0x7, 0x7, 0xa, 0x0, 0x81, 0xb7, 0x2, 0x6, 0x5}, {0x9000, 0x54000, 0xe, 0x10, 0x7, 0x7, 0xfa, 0x10, 0x8, 0x4, 0x16, 0xb}, {0x4000, 0x74ef45b8107f0fc7, 0x10, 0x0, 0x5, 0x7, 0x9, 0x8, 0x9, 0x6, 0x8, 0x8}, {0x41000, 0x1}, {0x30000, 0xba}, 0x80000010, 0x0, 0x10000, 0x8, 0x7, 0x0, 0x7000, [0x7f7fffffffffffff, 0x800, 0x1, 0xf1]})
ioctl$KVM_SET_DEBUGREGS(0xffffffffffffffff, 0x4080aea2, &(0x7f0000000200)={[0x80f8000, 0x8000000, 0x41000, 0x1000], 0x9})
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x1)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r10, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000440)="66b9800000c00f326635000100000f30670f322e3e660fd4620d0f603464f3af66b98109000066b80800008066ba000000000f3066b94203000066b8351718db66ba805c0b4c0f3066b9130300000f320f32f30b43cf", 0x56}], 0x1, 0x8, &(0x7f00000004c0)=[@dstype0={0x6, 0x8}], 0x1)
# Both calls below use fd -1; the first also carries the @arm64 variant of the
# events union inside an otherwise x86 program.
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x2, 0x3e, '\x00', 0x4})
ioctl$KVM_X86_SET_MCE(0xffffffffffffffff, 0x4040ae9e, &(0x7f0000000040)={0x4500000000000000, 0xb000, 0x6, 0x1, 0x15})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
# A second VM is created from the same handle r0 as r4, with type argument
# 0x23. No memory slot or dirty logging is configured on r12 before the
# dirty-log clear request that follows.
r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x23)
ioctl$KVM_CLEAR_DIRTY_LOG(r12, 0xc018aec0, &(0x7f0000000540)={0x10000, 0x100, 0x300, &(0x7f0000000100)=[0x5, 0xffffffff, 0x0, 0xb, 0x3, 0x3, 0x4, 0x40, 0x1, 0x5, 0xffff, 0x73, 0x8, 0x0, 0x9, 0xd3, 0x3, 0x9, 0x7, 0x4, 0x7, 0x1, 0x3ff, 0x7, 0x4, 0x3, 0x6, 0xe445, 0x10000, 0x8000000000000000, 0x400, 0x8, 0x300000000000, 0x6, 0x0, 0x9, 0x7f, 0x8001, 0x8, 0x8, 0x6, 0x9a, 0x80, 0xfffffffffffffc01, 0x3, 0x4, 0x4, 0x5b, 0x401, 0x0, 0xe695, 0x4, 0x6, 0x2, 0x9, 0x7f, 0x9, 0x9f10, 0x4, 0x1, 0x80000000, 0x6, 0x0, 0x9, 0x9, 0x1000, 0x3d, 0x8000000000000000, 0x8, 0x10001, 0x7, 0x2, 0x4, 0x4, 0x4, 0x0, 0x1ff, 0x3, 0x3, 0x3, 0x5, 0x7fffffffffffffff, 0xc318, 0xf432, 0x0, 0xffffffffffffffee, 0x3, 0x7, 0x9, 0x101, 0x376f6362, 0xfffffffffffffffb, 0x6, 0xfe4, 0x3, 0x5, 0x8f, 0xb37, 0x80000000, 0x3, 0x8, 0x3, 0xc, 0x8, 0x5, 0x2, 0x96e8, 0xe4, 0xa, 0x2, 0xcc44, 0xfffffffffffffffd, 0xa793, 0x1c1, 0x401, 0x2, 0x7, 0x80000000, 0x2, 0x6, 0x2, 0x115, 0x8000000000, 0x9, 0x0, 0x7, 0x7, 0x9]})

3m12.604405304s ago: executing program 32 (id=479):
# Fuzzer program in syzkaller syntax: two x86 VMs, r1 (vCPU r2) and r4 (vCPU r5).
# Both vCPUs are loaded with the same 64-bit guest blob and then run. The two
# setup calls differ in the user memory area, the flags word (0x46 vs 0x6e)
# and the setup option (@cr0 vs @vmwrite).
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
# Result unused: another /dev/kvm open with different open flags (0xc8200).
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xc8200, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
# Slot 0x1 is backed by host range 0x7f0000003000/0x2000. That range lies inside
# the 0x7f0000000000/0x18000 area passed to syz_kvm_setup_cpu$x86 for the same
# VM two calls later, so the two registrations refer to overlapping host memory.
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0xb000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000100)="2e360fc7b63300000066b846000f00d80f08f30f090fc7996a000000b9b10900000f32f3460f1ec6f20f704f0ee2266644e900000000673ef242d9f2", 0x3c}], 0x1, 0x46, &(0x7f00000000c0)=[@cr0={0x0, 0x2a}], 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
# Event state is written to r5 after it has already been run once.
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)=@x86={0x9, 0xd, 0x7, 0x0, 0x6, 0x6, 0x3, 0x4, 0x10, 0x7f, 0x18, 0x80, 0x0, 0x34, 0x4, 0xc, 0x3, 0x20, 0xb7, '\x00', 0x40, 0x7})
# A PIT is added to r1 after its vCPU r2 exists but before r2 is set up and run.
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000140)={0x6})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000d07000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000200)="2e360fc7b63300000066b846000f00d80f08f30f090fc7996a000000b9b10900000f32f3460f1ec6f20f704f0ee2266644e900000000673ef242d9f2", 0x3c}], 0x1, 0x6e, &(0x7f0000000040)=[@vmwrite={0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m12.56133533s ago: executing program 33 (id=478):
# Fuzzer program in syzkaller syntax. Only vCPU r2 is actually run (real-mode
# guest blob). The rest creates further VMs/vCPUs and sets state on them
# without a KVM_RUN.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f00000000c0)="f2f40f011e0090670fc7700a0fc75dad66f32e0f350f01cff20fc25a060f640ff1f266b9e00800000f320f20c06635200000000f22c0", 0x36}], 0x1, 0x13, &(0x7f0000000540)=[@cstype3={0x5, 0x12}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
# fd argument is -1 (0xffffffffffffffff): not a valid descriptor, so this call
# can only exercise the error path.
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
# vCPU id 0x2 on r6; the MSR list that follows has 4 entries.
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000000c0)={0x4, 0x0, [{0x6e0, 0x0, 0xaa}, {0x669, 0x0, 0x8000000000000000}, {0x60a, 0x0, 0x3}, {0x9f6, 0x0, 0x404}]})
r8 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
# First argument is 0x0 instead of a value returned by a SYZOS VM setup call.
# NOTE(review): r9 is presumably not a usable vCPU handle — confirm.
r9 = syz_kvm_add_vcpu$x86(0x0, &(0x7f00000001c0)={0x0, &(0x7f0000000180)=[@out_dx={0x6a, 0x28, {0x9b0b, 0x0, 0x9}}], 0x28})
syz_kvm_setup_cpu$x86(r4, r9, &(0x7f0000004000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000300)="0fc71b360f01c43e0f01cb0f20e035000001000f22e00f01c9f467660f3266aa0cf80c0c95fdfa8b66b82c008ec066bafc0cec0fc733", 0x36}], 0x1, 0x10, &(0x7f0000000200)=[@flags={0x3, 0x80004}, @dstype0={0x6, 0x1}], 0x2)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$KVM_CHECK_EXTENSION(r11, 0xae03, 0xb)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r13, 0xae60)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x1)
ioctl$KVM_X86_SETUP_MCE(r14, 0x4008ae9c, &(0x7f00000002c0)={0x5, 0x4, 0x8})
r15 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x1)
# Second request for vCPU id 0x0 on VM r4 (r8 above used the same id).
# NOTE(review): expected to be refused as a duplicate id — confirm the return code.
r16 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000100)={0x7, 0x0, [{0x686, 0x0, 0x9}, {0xb71, 0x0, 0x8000000000000001}, {0xc0010044, 0x0, 0x5}, {0xb78, 0x0, 0x4}, {0x23e, 0x0, 0x81}, {0xa28, 0x0, 0x898}, {0x8a3, 0x0, 0x5}]})
# VM/vCPU mismatch: r15 is the VM, but r16 was requested from VM r4.
syz_kvm_setup_cpu$x86(r15, r16, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000080)="66ba2100ec66baf80cb81cc58787ef66bafc0cedc482f932a90c000000ff49e3f30f09b933090000b8e4690000ba000000000f302e410f009cf94e00000065f466ba4000b0caeec744240085946a79c744240271170000c7442406000000000f011424", 0x63}], 0x1, 0x10, &(0x7f0000000540), 0x0)

3m12.528033395s ago: executing program 34 (id=477):
# Fuzzer program in syzkaller syntax. Three vCPUs are run (r3, r8, r11). Several
# state-setting ioctls in between use fd -1 and can only hit the error path.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# Third argument is 0x1a here, where most other CREATE_VM calls in this program pass 0x1.
# NOTE(review): whether the kernel accepts this value is not visible here; if it
# does not, r2/r3 are unusable in the calls that follow.
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1a)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f00000000c0)="c4e2790e600c430f0130f30f30c4c3856ae9360f0f1aa7f30faec7f3410f58cd66b826010f00d8660f76359400000064660f3806ae00000000", 0x39}], 0x1, 0x4, &(0x7f0000000040)=[@cstype3={0x5, 0xe}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
# r8 gets an NMI queued and is run without any syz_kvm_setup_cpu$x86 call on it.
ioctl$KVM_NMI(r8, 0xae9a)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
# r5 is set up here but never passed to KVM_RUN in this program.
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f00000000c0)="2e360fc7b63300000066b846000f00d80f08f30f090fc7996a000000470f626c51a6f3460f1ec6f20f704f0ee2266644e900000000673ef242d9f2", 0x3b}], 0x1, 0x46, &(0x7f0000000200), 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# The next two calls use fd -1: they reach no vCPU.
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000240)={{0xfec00000, 0x120000, 0xd, 0x5, 0x4, 0x81, 0xfd, 0x8, 0x4, 0x5, 0x7, 0x8}, {0xe000, 0x7000, 0xe, 0xd2, 0x9, 0x2, 0xe, 0xd, 0xa, 0x1, 0x84}, {0xc000, 0x70000, 0xd, 0x4, 0x8, 0xb, 0xa, 0x0, 0x3, 0x3, 0x4, 0x9}, {0xdddd1000, 0x3000, 0x10, 0x6, 0x10, 0x8, 0x1, 0x3, 0x6, 0x5, 0x80, 0xc}, {0x4, 0xb000, 0xe, 0x4, 0x6, 0x2, 0xb7, 0x9c, 0x5, 0x5, 0x1b, 0xfe}, {0x4000, 0xdddd0000, 0x0, 0x7, 0x7, 0xa, 0x0, 0x81, 0xb7, 0x2, 0x6, 0x5}, {0x9000, 0x54000, 0xe, 0x10, 0x7, 0x7, 0xfa, 0x10, 0x8, 0x4, 0x16, 0xb}, {0x4000, 0x74ef45b8107f0fc7, 0x10, 0x0, 0x5, 0x7, 0x9, 0x8, 0x9, 0x6, 0x8, 0x8}, {0x41000, 0x1}, {0x30000, 0xba}, 0x80000010, 0x0, 0x10000, 0x8, 0x7, 0x0, 0x7000, [0x7f7fffffffffffff, 0x800, 0x1, 0xf1]})
ioctl$KVM_SET_DEBUGREGS(0xffffffffffffffff, 0x4080aea2, &(0x7f0000000200)={[0x80f8000, 0x8000000, 0x41000, 0x1000], 0x9})
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x1)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r10, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000440)="66b9800000c00f326635000100000f30670f322e3e660fd4620d0f603464f3af66b98109000066b80800008066ba000000000f3066b94203000066b8351718db66ba805c0b4c0f3066b9130300000f320f32f30b43cf", 0x56}], 0x1, 0x8, &(0x7f00000004c0)=[@dstype0={0x6, 0x8}], 0x1)
# fd -1 again. The events payload uses the @arm64 layout although every setup
# call in this program is the x86 variant.
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x2, 0x3e, '\x00', 0x4})
ioctl$KVM_X86_SET_MCE(0xffffffffffffffff, 0x4040ae9e, &(0x7f0000000040)={0x4500000000000000, 0xb000, 0x6, 0x1, 0x15})
ioctl$KVM_RUN(r11, 0xae80, 0x0)
# Third argument is 0x23 here; see the note on r2 above.
r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x23)
# Header fields are {0x10000, 0x100, 0x300, bitmap pointer}. No memory slot is
# registered on r12 anywhere in this program.
# NOTE(review): this presumably stops in argument validation — confirm against
# the kernel's return code.
ioctl$KVM_CLEAR_DIRTY_LOG(r12, 0xc018aec0, &(0x7f0000000540)={0x10000, 0x100, 0x300, &(0x7f0000000100)=[0x5, 0xffffffff, 0x0, 0xb, 0x3, 0x3, 0x4, 0x40, 0x1, 0x5, 0xffff, 0x73, 0x8, 0x0, 0x9, 0xd3, 0x3, 0x9, 0x7, 0x4, 0x7, 0x1, 0x3ff, 0x7, 0x4, 0x3, 0x6, 0xe445, 0x10000, 0x8000000000000000, 0x400, 0x8, 0x300000000000, 0x6, 0x0, 0x9, 0x7f, 0x8001, 0x8, 0x8, 0x6, 0x9a, 0x80, 0xfffffffffffffc01, 0x3, 0x4, 0x4, 0x5b, 0x401, 0x0, 0xe695, 0x4, 0x6, 0x2, 0x9, 0x7f, 0x9, 0x9f10, 0x4, 0x1, 0x80000000, 0x6, 0x0, 0x9, 0x9, 0x1000, 0x3d, 0x8000000000000000, 0x8, 0x10001, 0x7, 0x2, 0x4, 0x4, 0x4, 0x0, 0x1ff, 0x3, 0x3, 0x3, 0x5, 0x7fffffffffffffff, 0xc318, 0xf432, 0x0, 0xffffffffffffffee, 0x3, 0x7, 0x9, 0x101, 0x376f6362, 0xfffffffffffffffb, 0x6, 0xfe4, 0x3, 0x5, 0x8f, 0xb37, 0x80000000, 0x3, 0x8, 0x3, 0xc, 0x8, 0x5, 0x2, 0x96e8, 0xe4, 0xa, 0x2, 0xcc44, 0xfffffffffffffffd, 0xa793, 0x1c1, 0x401, 0x2, 0x7, 0x80000000, 0x2, 0x6, 0x2, 0x115, 0x8000000000, 0x9, 0x0, 0x7, 0x7, 0x9]})

2m48.441973963s ago: executing program 3 (id=613):
# Fuzzer program in syzkaller syntax: one VM (r2), one vCPU (r3), real-mode guest blob.
# Each /dev/kvm open is issued twice: once with the (async) property, where the
# executor does not wait for completion, and once synchronously.
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x591002, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x591002, 0x0)
# Issued on the /dev/kvm descriptor r1, not on a VM or vCPU; header announces 3 entries.
ioctl$KVM_GET_EMULATED_CPUID(r1, 0xc008ae09, &(0x7f0000000100)={0x3, 0x0, [{0x80000000, 0xb4, 0x2, 0x6, 0x4, 0xffff0000, 0x6}, {0x7, 0x5, 0x2, 0x0, 0x5, 0x1, 0x5e}, {0x40000000, 0xcd, 0x0, 0xa34, 0x6, 0x8, 0x2}]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000080)="66b96c03000066b85a00000066ba000000000f300f20c06635000000800f22c0f20f10f60f95cb660f29760066b9a70300000f32660f3882970006ba4300b80f00ef0fc7373e0f7828", 0x49}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2m47.918183497s ago: executing program 3 (id=617):
# Fuzzer program in syzkaller syntax. The only KVM_RUN is on r2 (real-mode
# blob). vCPUs r10 (32-bit blob) and r13 (64-bit blob) are set up but not run
# within this program.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f00000000c0)="f2f40f011e0090670fc7700a0fc75dad66f32e0f350f01cff20fc25a060f640ff1f266b9e00800000f320f20c06635200000000f22c0", 0x36}], 0x1, 0x13, &(0x7f0000000540)=[@cstype3={0x5, 0x12}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
# fd -1: not a valid descriptor, error path only.
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
# 7-entry MSR list; the indices include 0x0 and 0x40000083 next to small values.
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000100)={0x7, 0x0, [{0x40000083, 0x0, 0xa1cf}, {0xa9a, 0x0, 0xfffffffffffffffb}, {0x0, 0x0, 0x2000000000000003}, {0x21e, 0x0, 0x7}, {0xbe0, 0x0, 0x8000000000000001}, {0xbf4, 0x0, 0x7}, {0x3af, 0x0, 0x7}]})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x1)
ioctl$KVM_CHECK_EXTENSION_VM(r9, 0xae03, 0x81)
r10 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000040)="2e0f01c8660f38811e0fc72b0f00919b331a82f30fc7b575880000ff290f01df0f20da0f01cb66660f6a3e", 0x2b}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x1)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
# All three setup calls in this program pass the same user memory area
# (0x7f0000000000/0x18000), each for a different VM.
syz_kvm_setup_cpu$x86(r12, r13, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000080)="66ba2100ec66baf80cb81cc58787ef66bafc0cedc482f932a90c000000ff49e3f30f09b933090000b8e4690000ba000000000f302e410f009cf94e00000065f466ba4000b0caeec744240085946a79c744240271170000c7442406000000000f011424", 0x63}], 0x1, 0x10, &(0x7f0000000540), 0x0)

2m47.917425846s ago: executing program 5 (id=618):
# Fuzzer program in syzkaller syntax. KVM_RUN is issued on r5 once and on r2
# twice. Several later calls pair handles that come from different VMs.
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# Issued on the /dev/kvm descriptor r0 (the _sys variant), 10-entry list.
ioctl$KVM_GET_MSRS_sys(r0, 0xc008ae88, &(0x7f0000000100)={0xa, 0x0, [{0x8a, 0x0, 0x101}, {0x243, 0x0, 0x100000000}, {0x8f3, 0x0, 0x3}, {0x200, 0x0, 0x80000001}, {0x8be, 0x0, 0x7}, {0x8eb, 0x0, 0x100000000}, {0xbbe, 0x0, 0x1}, {0x313, 0x0, 0x100000000008}, {0xa2e, 0x0, 0x5}, {0x9a1, 0x0, 0x80009}]})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000440)="66b9800000c00f326635000100000f30670f322e3e660fd4620d0f603464f3af66b98109000066b80800008066ba000000000f3066b94203000066b8351718db66ba805c0b4c0f3066b9130300000f320f32f30b43cf", 0x56}], 0x1, 0x8, &(0x7f00000004c0)=[@dstype0={0x6, 0x8}], 0x1)
# fd -1, @arm64 payload layout in an otherwise x86 program: error path only.
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@arm64={0x9c, 0x9, 0xc, '\x00', 0x100000000})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
# vCPU id argument is 0xfffffffffffffffd.
# NOTE(review): presumably rejected as out of range, which would leave r5
# invalid for the setup call and the KVM_RUN on r5 below — confirm.
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0xfffffffffffffffd)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f00000000c0)="f2f40f011e0090670fc7700a0fc75dad66f32e0f350f01cff20fc25a060f640ff1f266b9e00800000f320f20c06635200000000f22c0", 0x36}], 0x1, 0x13, &(0x7f0000000540)=[@cstype3={0x5, 0x12}], 0x1)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
# 16-bit guest blob (@text16); r8 is not run in this program.
syz_kvm_setup_cpu$x86(r7, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f00000001c0)="f3d8c466b99f02000066b80000010066ba000000000f309f8fc9680272fc670fc76d9966b9800000c00f326635000400000f3064260fc7749c0f01d481be0000e88aba420066ed", 0x47}], 0x1, 0x10, &(0x7f0000000540), 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
# r2 is run twice back to back. The area it was set up with
# (0x7f0000000000/0x18000) was passed to two further setup calls in between.
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x1)
# Payload is {0x1, 0x119000}: the first field (address) is not page-aligned.
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r10, 0x4020aed2, &(0x7f0000000040)={0x1, 0x119000})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x1)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
# VM/vCPU mismatch: the VM argument is r10, but r13 was created on r12.
syz_kvm_setup_cpu$x86(r10, r13, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000240)="b884088ed066b98f08000066b80000000066ba000000000f30360f122d66b9460a000066b89700000066ba000000000f30660f3a40bd002006f30fa7c0ba4000b01fee66b9800000c00f326635000400000f300f30ba4200b062ee", 0x5b}], 0x1, 0x4, &(0x7f0000000080)=[@cstype3={0x5, 0x5}, @cstype0={0x4, 0x5}], 0x2)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x1)
r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x1)
# Pointer argument has no initializer here, so the CPUID header is whatever
# earlier calls left at 0x7f0000000040.
ioctl$KVM_SET_CPUID(r16, 0x4008ae8a, &(0x7f0000000040))

2m47.71932494s ago: executing program 4 (id=619):
# Fuzzer program in syzkaller syntax. Many calls carry the (async) property:
# the executor does not wait for them to finish before issuing the next call,
# so their relative order is not fixed.
# fd -1, no payload initializer: error path only.
ioctl$KVM_CAP_MSR_PLATFORM_INFO(0xffffffffffffffff, 0x4068aea3, &(0x7f00000001c0)) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x7159c0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
# Slot 0x1 on r1 is backed by host range 0x7f0000003000/0x2000.
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0xb000, 0x2000, &(0x7f0000003000/0x2000)=nil}) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
# Third argument 0x1c; created asynchronously and then used as the VM argument
# of the setup call below.
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1c) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_SET_DEBUGREGS(r6, 0x4080aea2, &(0x7f0000000140)={[0x2000, 0x26000, 0x2, 0x50000], 0x80da, 0x8, 0x2}) (async)
# VM/vCPU mismatch (r6 was created on r5, not r3). The text-count argument is
# 0xaaaaaaaaaaaad4f although the array holds a single element.
syz_kvm_setup_cpu$x86(r3, r6, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000100)="363e66660fdadb66b96a03000066b80030000066ba000000000f30baf80c66b886a3828166efbafc0cec640f01d10f01c3360f01c9660fdbd167660f6bf70f300f0f8f888f96", 0x46}], 0xaaaaaaaaaaaad4f, 0x42, &(0x7f0000000080), 0x0) (async)
# r2 is run without a syz_kvm_setup_cpu$x86 call on it.
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
# Unmaps 0x7f0000000000..0x7f0000004000 asynchronously. That range holds the
# first page of the host memory backing slot 0x1 on r1 (0x7f0000003000) and the
# argument buffers used by later calls in this program, while the asynchronous
# KVM_RUN on r2 may still be in flight.
munmap(&(0x7f0000000000/0x4000)=nil, 0x4000) (async)
ioctl$KVM_SET_PIT(r8, 0x8048ae66, &(0x7f0000000280)={[{0x6, 0x9500, 0x0, 0xf, 0x0, 0xc, 0x8, 0xd, 0x65, 0xf9, 0x7, 0xf4, 0x8000000000000000}, {0x5, 0x7f, 0x2, 0x8, 0x4, 0x0, 0x90, 0x0, 0xe, 0x6, 0xf, 0x5, 0x5}, {0xb, 0x5, 0x0, 0xc, 0xc, 0x9, 0x2, 0xe7, 0xe, 0xf8, 0x3, 0x6, 0x7fffffff}], 0x2})
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@x86={0x6, 0xfc, 0x6, 0x0, 0x8, 0x4, 0x7, 0x4, 0x1d, 0xe, 0x3, 0x3, 0x0, 0x12, 0x2200, 0xd, 0x0, 0x5, 0x4, '\x00', 0x2, 0x1}) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x1) (async)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
ioctl$KVM_GET_MSRS_sys(r11, 0xc008ae88, &(0x7f0000000000)={0x3, 0x0, [{0x10a, 0x0, 0x405140c9}, {0x8cb, 0x0, 0x2a33}, {0x1af, 0x0, 0xc0}]}) (async)
r12 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
# 32-bit blob with two options (@cstype3 and @vmwrite); r12 is not run in this program.
syz_kvm_setup_cpu$x86(r10, r12, &(0x7f0000003000/0x18000)=nil, &(0x7f0000002940)=[@text32={0x20, &(0x7f0000000280)="66baf80cb840012b8def66bafc0c66b8000066efff9e145700000fc76e0736660f1445f366b864008ed826662ef30f09b8010000000f23d80f21f835400000100f23f869c330ebcb580f2242f30f06", 0x4f}], 0x1, 0x40, &(0x7f0000000040)=[@cstype3={0x5, 0xc}, @vmwrite={0x8, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x12e}], 0x2)

2m47.460871489s ago: executing program 4 (id=620):
# Fuzzer program in syzkaller syntax: minimal single-VM case. /dev/kvm is opened
# with flags 0x60000, one VM (r1) and one vCPU (r2) are created, a 64-bit guest
# blob is loaded with flags 0x0 and no setup options (count 0x0), then run once.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x60000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
# The text array (0x7f00000000c0) and the options pointer (0x7f0000000100, which
# is also where the blob bytes live) are plain argument buffers; the options
# count of 0x0 means the latter is not read as options.
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000c1b000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000100)="b9b00a00000f324e0fc71866ba2000ec66ba6100ecdac7b805000000b90a0000000f01d90f20d835080000000f22d8b805000000b9f2ffffff0f01c1660f50d2c4421dbaec", 0x45}], 0x1, 0x0, &(0x7f0000000100), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m47.211879269s ago: executing program 4 (id=621):
# Fuzzer program in syzkaller syntax: one VM (r2), one vCPU (r3), run twice with
# state changes before and between the runs.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
# The @text64 element carries no explicit length field here, unlike the other
# setup calls in this log.
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="66ba430066ed640f066466430f56fc0f352647d9ffc4c27934aab2762f8966baf80cb836ca1a81ef66bafc0c66edc4037d0810fa0f3566410f38803e"}], 0x1, 0x38, &(0x7f0000000540)=[@cstype3={0x5, 0x3}], 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# Event state is injected into r3 before its first KVM_RUN.
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000040)=@x86={0x3, 0xae, 0x0, 0x0, 0x100003, 0x4, 0x5, 0x4, 0x12, 0x4, 0x5, 0x8, 0x0, 0x20a, 0xf, 0x9, 0x3, 0xb, 0x9, '\x00', 0x2, 0x952})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
# VM-level ioctl issued between the two runs of r3.
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r2, 0x4010ae74, &(0x7f00000000c0)={0x0, 0x10f9, 0x3})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
# System-level query on the first /dev/kvm descriptor, which owns no VM in this program.
ioctl$KVM_GET_MSRS_sys(r0, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x9c4, 0x0, 0xc6}, {0xbc8, 0x0, 0x1000}]})

2m47.210837248s ago: executing program 3 (id=622):
# Fuzzer program in syzkaller syntax. Most calls are (async), i.e. the executor
# does not wait for them before moving on, and several carry a rerun count,
# so this program is a concurrency stress of VM/vCPU setup against KVM_RUN.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) (async, rerun: 32)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) (rerun: 32)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f00000000c0)="c4e2790e600c430f0130f30f30c4c3856ae9360f0f1aa7f30faec7f3410f58cd66b826010f00d8660f76359400000064660f3806ae00000000", 0x39}], 0x1, 0x4, &(0x7f0000000040)=[@cstype3={0x5, 0xe}], 0x1) (async)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x1)
ioctl$KVM_HYPERV_EVENTFD(r10, 0x4018aebd, &(0x7f0000000000)={0x1000000}) (async, rerun: 64)
# The eventfd field of the payload is -1 (0xffffffffffffffff).
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000100)={0x2, 0x2000, 0x0, 0xffffffffffffffff, 0x4}) (async, rerun: 64)
r11 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r11, 0x4068aea3, &(0x7f0000000040)={0x8f, 0x0, 0x2}) (async)
# r5 was created by an (async) call, so this setup may race with its creation.
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f00000000c0)="2e360fc7b63300000066b846000f00d80f08f30f090fc7996a000000470f626c51a6f3460f1ec6f20f704f0ee2266644e900000000673ef242d9f2", 0x3b}], 0x1, 0x46, &(0x7f0000000200), 0x0) (async)
# This eventfd is written to but never handed to any KVM ioctl in this program.
r12 = eventfd2(0x4, 0x1)
write$eventfd(r12, &(0x7f00000002c0)=0x28bb, 0x8)
ioctl$KVM_GET_CPUID2(r3, 0xc008ae91, &(0x7f0000000140)={0x7, 0x0, [{}, {}, {}, {}, {}, {}, {}]}) (async)
# KVM_RUN on r5 is async as well, directly after the async setup call on r5.
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async, rerun: 64)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) (async, rerun: 64)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x8100, 0x0)
# Third argument is 0xa here, where the other CREATE_VM calls in this program pass 0x1.
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0xa)
# Slot 0x1 with flags 0x0, backed by 0x7f0000003000/0x2000. That range lies
# inside the 0x7f0000000000/0x18000 area passed to the setup call for r14 below.
ioctl$KVM_SET_USER_MEMORY_REGION(r14, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0xb000, 0x2000, &(0x7f0000003000/0x2000)=nil}) (async)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r14, r15, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000100)="2e360fc7b63300000066b846000f00d80f08f30f090fc7996a000000b9b10900000f32f3460f1ec6f20f704f0ee2266644e900000000673ef242d9f2", 0x3c}], 0x1, 0x46, &(0x7f00000000c0)=[@cr0={0x0, 0x2a}], 0x1) (async)
# Dirty log is requested for slot 0x4; the only slot this program registers on
# r14 is slot 0x1.
ioctl$KVM_GET_DIRTY_LOG(r14, 0x4010ae42, &(0x7f0000000280)={0x4, 0x0, &(0x7f0000016000/0x4000)=nil}) (async)
ioctl$KVM_RUN(r15, 0xae80, 0x0) (async)
# Synchronous, but the KVM_RUN on r15 just above is async, so the two may overlap.
ioctl$KVM_SET_VCPU_EVENTS(r15, 0x4040aea0, &(0x7f0000000000)=@x86={0x9, 0xd, 0x7, 0x0, 0x6, 0x6, 0x3, 0x4, 0x10, 0x7f, 0x18, 0x80, 0x0, 0x34, 0x4, 0xc, 0x3, 0x20, 0xb7, '\x00', 0x40, 0x7})

2m47.151374104s ago: executing program 5 (id=623):
# Fuzzer program in syzkaller syntax. Two vCPUs are genuinely run (r6, r9).
# A number of calls are made on fd -1 or on handles derived from a failed call.
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# fd -1: this cannot create a vCPU, so r0 is not a usable handle when it is
# passed to the last setup call of this program.
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f0000000180)={0x79, 0x0, 0xe53})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80100, 0x0)
ioctl$KVM_CAP_VM_TYPES(r2, 0x4068aea3, &(0x7f0000000100)={0xeb, 0x0, 0x2})
# Two VMs from the same /dev/kvm descriptor r3, with third argument 0x0 and 0x1.
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
# MP state is forced to 0x4 and r6 is run without any guest code being loaded.
ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, &(0x7f0000000040)=0x4)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
# Payload {0xffff1000, 0x11a000, 0x0, 0x2000000}: the last field is non-zero.
# NOTE(review): if that field is the flags word, the call is presumably
# rejected — confirm.
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r4, 0x4020aed2, &(0x7f00000000c0)={0xffff1000, 0x11a000, 0x0, 0x2000000})
# vCPU argument is -1 while the VM argument r2 is a VM handle.
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000200)="0f06b805000000b90b0000000f01d9b9800000c00f3235000100000f30450f2370c442bdbff00f20d835200000000f22d80f01d10f01c80f01ca262666f3400f01e8", 0x42}], 0x1, 0x10, &(0x7f0000000540), 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
# Third argument 0x6; r10 is only used for the extension query that follows.
r10 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x6)
ioctl$KVM_CHECK_EXTENSION_VM(r10, 0xae03, 0x6)
syz_kvm_setup_cpu$x86(r8, r9, &(0x7f00007cf000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000180)="f36f66b890fcb49d0f23d00f21f866352000000d66b9800000c00f326635000400000f700f01ca0f23e4f081769b0500baf80c66b827c1888866efbafc0cb0c7e2e2b8b8b9800000c00f326675001000000f30652d07a8baf80c66b862b4e48a66efbafc0cb80600eff30f59c7", 0x6d}], 0x1, 0xe, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# The remaining calls use fd -1 and/or r0 from the failed CREATE_VCPU at the top.
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000040)="2e360fc7b63300000066b846000f00d80f08f30f090fc7996a000000470f626c51a6f3460f1ec667640fc77ce0bd266644e900000000673ef242d9f2", 0x3c}], 0x1, 0x6, &(0x7f0000000540)=[@cr4={0x1, 0x11}], 0x1)
ioctl$KVM_GET_SREGS2(0xffffffffffffffff, 0x8140aecc, &(0x7f0000000280))

2m47.031218753s ago: executing program 4 (id=624):
# Fuzzer program in syzkaller syntax. Only r2 is passed to KVM_RUN. vCPUs r5 and
# r10 are loaded with guest code but not run within this program.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f00000000c0)="f2f40f011e0090670fc7700a0fc75dad66f32e0f350f01cff20fc25a060f640ff1f266b9e00800000f320f20c06635200000000f22c0", 0x36}], 0x1, 0x13, &(0x7f0000000540)=[@cstype3={0x5, 0x12}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
# fd -1: error path only.
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
# Same user memory area (0x7f0000000000/0x18000) as the first setup call, now
# registered for a different VM (r4).
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f0000000140)="0f09baf80c66b8f0658a8466efbafc0cb0f4ee66b9800000c00f326635000100000f300fc79a0d000fc78f487f36660f72f6003e0f2256660f3880410266b9800000c00f326635010000000f300f20d86635080000000f22d8", 0x59}], 0x1, 0x3, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
# Payload {0x0, 0x1000, 0x8}: one page at address 0 with attribute value 0x8.
# No memory slot is registered on r8 in this program.
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r8, 0x4020aed2, &(0x7f0000000040)={0x0, 0x1000, 0x8})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r9, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000080)="66ba2100ec66baf80cb81cc58787ef66bafc0cedc482f932a90c000000ff49e3f30f09b933090000b8e4690000ba000000000f302e410f009cf94e00000065f466ba4000b0caeec744240085946a79c744240271170000c7442406000000000f011424", 0x63}], 0x1, 0x10, &(0x7f0000000540), 0x0)

2m46.72155625s ago: executing program 3 (id=625):
# Fuzzer program in syzkaller syntax. First part: four ordinary VMs whose vCPUs
# (r4, r8, r10, r13) are set up with raw guest blobs and run. Second part: a
# SYZOS VM (r14) on r1 with one vCPU (r15) driven by a command list that
# includes nested-virtualization commands, run after most of its host memory
# has been unmapped.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a80), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
# The options pointer has no initializer but the options count is 0x1, so the
# single option is whatever bytes sit at 0x7f0000000540 at call time.
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000100)="2e360fc7b63300000066baf80cb87800088bef66bafc0ced0f00d80f08f30f090fc7996a000000470f626c51a6f3460f1ec667640fc77ce0bd266644e900000000673ef242d9f2", 0x61}], 0x1, 0x6, &(0x7f0000000540), 0x1)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r7, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000040)="f30f5c428e66baf80cb8e24a1787ef66bafc0c66b8ddd366ef36640f3801820018000066baf80cb8b71ad584ef66bafc0cb000eeb9ce0b0000b80f000000ba000000000f3026640f0966b86a008ec0b805000000b9f2ba00000f01d966b80b010f00d0b805000000b9001000000f01d9", 0x70}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r9, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000480)="66b9800000c00f326635002000000f303e660fc7730c66b9800000c00f326635010000000f30f3af0fc7af0f0036660f38036a7466b9800000c00f326635001000000f30640f09ba4200ed260f1dbeb500", 0x51}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
# r4 is run only now, after the same user memory area (0x7f0000000000/0x18000)
# has been passed to two further setup calls for other VMs.
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_GET_REGS(r8, 0x8090ae81, &(0x7f0000000200))
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x1)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r12, r13, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000140)="8a0ffcde27c0de27c000400f22c0585480ea9bcdc0cdc035000800000f30450f65fa67643e650f01cfc4e359686a72c86426450f01f8f30fc7779e66baa100b029ee66400fd57010400f08", 0x4b}], 0x1, 0x0, &(0x7f0000000040)=[@cstype3={0x5, 0x1}], 0x1)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
# SYZOS VM on r1, using host range 0x7f0000c00000/0x400000.
r14 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
# The command list mixes @nested_vmlaunch/@nested_vmresume/@nested_intel_*
# entries with @nested_amd_* entries, and embeds one further code blob via
# @nested_load_code.
# NOTE(review): presumably only one vendor family is applicable on a given
# host — confirm which one the crashing host used.
r15 = syz_kvm_add_vcpu$x86(r14, &(0x7f0000000580)={0x0, &(0x7f00000005c0)=[@nested_amd_invlpga={0x17d, 0x20, {0x70000, 0x3b90}}, @cpuid={0x64, 0x18, {0x3, 0x36d}}, @nested_vmresume={0x130, 0x18}, @nested_vmlaunch={0x12f, 0x18, 0x1}, @rdmsr={0x66, 0x18, {0x8bb}}, @nested_amd_invlpga={0x17d, 0x20, {0xeeef0000, 0x8f07}}, @nested_amd_vmsave={0x183, 0x18, 0x2}, @uexit={0x0, 0x18, 0x80}, @nested_amd_invlpga={0x17d, 0x20, {0x7000, 0xb836}}, @nested_amd_clgi={0x17f, 0x10}, @nested_load_code={0x12e, 0x76, {0x1, "b9800000c00f3235000800000f3066b894008ed03e660f8e07000000660f38829eedf20000f2490faef00f1e9683000000f326650f1e6d032666420f383c1c5a66b819008ee048b808830000000000000f23c00f21f835000006000f23f8"}}, @rdmsr={0x66, 0x18, {0x80c}}, @uexit={0x0, 0x18}, @nested_vmlaunch={0x12f, 0x18, 0x1}, @nested_vmresume={0x130, 0x18, 0x2}, @nested_amd_vmload={0x182, 0x18, 0x2}, @nested_amd_clgi={0x17f, 0x10}, @nested_amd_clgi={0x17f, 0x10}, @nested_vmresume={0x130, 0x18}, @set_irq_handler={0xc8, 0x20, {0xc9, 0x3}}, @nested_amd_set_intercept={0x181, 0x30, {0x0, 0x2, 0xfffffffffffffff9}}, @set_irq_handler={0xc8, 0x20, {0x97, 0x2}}, @nested_intel_vmwrite_mask={0x154, 0x38, {0x3, @host64=0x2c04, 0x6, 0x100000001, 0x2}}, @nested_vmlaunch={0x12f, 0x18, 0x1}, @nested_create_vm={0x12d, 0x18}, @rdmsr={0x66, 0x18, {0x218}}, @out_dx={0x6a, 0x28, {0xe1dd, 0x4, 0x2}}, @enable_nested={0x12c, 0x18}, @in_dx={0x69, 0x20, {0x5215, 0x3}}, @nested_vmlaunch={0x12f, 0x18, 0x3}, @wr_drn={0x68, 0x20, {0x6, 0xf1c}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x3, @save_area=0x502, 0x5, 0x9, 0x6}}], 0x3e6})
munmap(&(0x7f000045e000/0x1000)=nil, 0x1000)
# VM fd -1: error path only.
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000907000/0x400000)=nil)
# Unmaps 0x7f00003fe000..0x7f0000ffe000. That covers all but the last 0x2000
# bytes of the 0x7f0000c00000/0x400000 range given to the SYZOS VM r14, so the
# KVM_RUN on r15 below executes with most of that host memory gone.
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
ioctl$KVM_RUN(r15, 0xae80, 0x0)

2m46.580776431s ago: executing program 5 (id=626):
# Fuzzer program in syzkaller syntax. It mixes a SYZOS VM setup, a guest_memfd
# that is created and immediately closed, a memory slot whose host backing is
# unmapped right after registration, and one ordinary vCPU run (r10).
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a80), 0x1, 0x0)
# Third argument 0x37; r1 is later handed to the SYZOS VM setup call.
# NOTE(review): whether the kernel accepts this value is not visible here.
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x37)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
# guest_memfd with payload {0x1000, 0x1}, closed again by the next call
# without being bound to any memory slot.
r4 = ioctl$KVM_CREATE_GUEST_MEMFD(r3, 0xc040aed4, &(0x7f0000000040)={0x1000, 0x1})
close(r4)
syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
# Slot 0x2 on r5 is backed by host range 0x7f0000ffe000/0x2000.
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
# Unmaps 0x7f0000ffc000..0x7f0001000000: the whole backing of slot 0x2 just
# registered on r5, plus the last 0x4000 bytes of the 0x7f0000c00000/0x400000
# range given to the SYZOS VM setup above.
munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x1)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r9, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000200)="0f06b805000000b90b0000000f01d9b9800000c00f3235000100000f30450f2370c442bdbff00f20d835200000000f22d80f01d10f01c80f01ca262666f3400f01e8", 0x42}], 0x1, 0x10, &(0x7f0000000540)=[@flags={0x3, 0x40}], 0x1)
# Capability is enabled on the vCPU descriptor r10 after setup, before the run.
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r10, 0x4068aea3, &(0x7f0000000080)={0xbe, 0x0, 0x1})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
# r7 has no vCPU in this program; it only receives irqchip and capability calls.
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
ioctl$KVM_IRQ_LINE_STATUS(r7, 0xc008ae67, &(0x7f0000000100)={0xf, 0x4})
ioctl$KVM_CAP_HALT_POLL(r7, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x0, 0x3b6200000000000})

2m46.501525903s ago: executing program 4 (id=627):
# Program id=627: three VMs (r1, r4, r7), each with one vCPU (r2, r5, r8). Calls tagged
# (async) are syzkaller async calls: the next call is issued without waiting for them to
# finish, so their order relative to later calls is not fixed.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x60000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
# vCPU r5 is set up asynchronously and run by the very next call.
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000c1b000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000040)="b9b00a00000f324e0fc71866ba2000ec66ba6100ecdac7b805000000b90a0000000f01d90f20d835080000000f22d8b805000000b9f2ffffff0f01c1660f50d2c4421dbaec", 0x45}], 0x1, 0x55, &(0x7f0000000280)=[@dstype0={0x6, 0x3}, @vmwrite={0x8, 0x0, 0x9, 0x0, 0x2, 0x0, 0x3, 0x0, 0x915}], 0x2) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
# vCPU r2 setup and a memory-region update on its VM r1 are both async; r2 is run at the end.
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000100)="440f01dfb9d10800000f32c4c31d5db65fcf0000650f23b9f30f0f01b066baf80cef66bafc0ced43e3842e0f015f00440f0138660f3a631835", 0x39}], 0x1, 0x51, &(0x7f0000000200)=[@cr0={0x0, 0xa000000c}, @efer={0x2, 0x900}], 0x2) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x101ff, 0x3, 0xeeee8000, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) (async)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r7, 0x4010ae74, &(0x7f0000000080)={0x4, 0xfff, 0x2}) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a80), 0x1, 0x0)
ioctl$KVM_GET_API_VERSION(r9, 0x5452, 0x0) (async)
# vCPU r8 receives guest code but no KVM_RUN is issued on it in this program.
syz_kvm_setup_cpu$x86(r7, r8, &(0x7f0000010000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000240)="48b805000000000000000f23d80f21f835800000100f23f848b8cf0f3c819aab5a730f23d80f21f835000000300f23f867644f0fc71d45f5719d6436650f01c966baa10066edc40259acc0450fc75d3448b84bba0000000000000f23c80f21f8350000f0000f23f80f547691440fc70f"}], 0x1, 0x0, &(0x7f0000000040)=[@dstype3={0x7, 0x9}], 0x1) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m46.237830862s ago: executing program 4 (id=628):
# Program id=628: VM r1 / vCPU r2 is loaded with 16-bit guest text and run once; two other
# VMs (r5, r8) only have MSRs written on their vCPUs and are never run.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="66b80500000066b9bc8000000f01d90fc7acc661baa10066b80000000066ef0f01d13cae64640f01c50f0f0790e058ed0f215bbaf80c66b811dff08eb87d008ed8bafc0cec", 0x45}], 0x1, 0xd807f916f4a3e29d, &(0x7f0000000140)=[@vmwrite={0x8, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3}], 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f00000001c0)={0x9, 0x0, [{0x26a, 0x0, 0xffdffffffffffff7}, {0x40000081, 0x0, 0x1}, {0xbda, 0x0, 0x8000}, {0x928, 0x0, 0x1000}, {0xb3f, 0x0, 0x7a167904}, {0x2c5, 0x0, 0x9}, {0x2e8, 0x0, 0x100}, {0x937, 0x0, 0xb}, {0xad8}]})
# The VM created on r3 is not assigned to a result variable, so nothing later refers to it.
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000300)={0x9, 0x0, [{0x4b564d04, 0x0, 0x7}, {0x368, 0x0, 0x7a}, {0x30b, 0x0, 0x5}, {0x3a7, 0x0, 0x9}, {0x8a6, 0x0, 0x9}, {0x326, 0x0, 0xa}, {0x28c, 0x0, 0x1000}, {0xbe1, 0x0, 0x502}, {0x37a, 0x0, 0x6}]})
ioctl$KVM_CAP_X2APIC_API(r8, 0x4068aea3, &(0x7f0000000080)={0x81, 0x0, 0x3})
# After the run, a memory region is set on VM r1 and setup is repeated with the vCPU fd
# given as all-ones (-1), i.e. without a valid vCPU descriptor.
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x1, 0x1000, 0x1000, &(0x7f0000001000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000480)="66b9800000c00f326635002000000f303e660fc7730c66b9800000c00f326635010000000f30f3af0fc7af0f0036660f38036a7466b9800000c00f326635001000000f30640f09ba4200ed260f1dbeb500", 0x51}], 0x1, 0x5a, &(0x7f00000001c0)=[@flags={0x3, 0x6000}, @dstype3={0x7, 0x2}], 0x2)

2m46.120935591s ago: executing program 5 (id=629):
# Program id=629: VM r1 is only queried for an extension; VM r3 / vCPU r4 gets 64-bit guest
# text, has a capability enabled on the vCPU fd, and is run once.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x79)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000080)="48b82e220000000000000f23c00f21f83501000b000f23f8c4a1fdc64baaa00f01c966470f388156a7b9500300000f32c801d10f20e035000002000f22e00f01c9c482012d56310fc718", 0x4a}], 0x1, 0x51, &(0x7f0000000540), 0x0)
# The other KVM_CAP_HALT_POLL calls in this log target a VM or stats fd; this one targets
# vCPU fd r4.
ioctl$KVM_CAP_HALT_POLL(r4, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x0, 0x4000000000000000})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x7a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

2m46.040416374s ago: executing program 3 (id=630):
# Program id=630: two VMs (r2 with type 0x0, r5 with type 0x1 plus an in-kernel irqchip),
# each with one vCPU that is loaded with 64-bit guest text and run once.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x60000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# KVM_CREATE_VCPU is issued on fd -1 (all-ones), so r3 presumably never holds a valid
# vCPU descriptor for the GET_MSRS call that follows.
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_GET_MSRS_cpu(r3, 0xc008ae88, &(0x7f0000000240)={0x42, 0x0, [{0x40000081, 0x0, 0x4659}]})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000100)="440f11dfb9d10800000f32c4c31d5db65fcf0000650f23b9f30f0f01b066baf80cef66bafc0ced43e3842e0f015f00440f0138660f3a631835", 0x39}], 0x1, 0x51, &(0x7f0000000200)=[@vmwrite={0x8, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0xfffffffffff7}, @efer={0x2, 0x900}], 0x2)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
# The option array pointer carries no entries here while the final count argument is 0x27.
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000c1b000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000040)="0fca0f3266ba2000ec66ba6100ecdac767400f204100000000000f01d90f20d835080000000f22d8b805000000b9f2ffffff0f01c1660f50d2c4421dbaec", 0x3e}], 0x1, 0x0, &(0x7f0000000100), 0x27)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

2m45.80131345s ago: executing program 5 (id=631):
# Program id=631: VM r1 uses the split-irqchip capability and runs real-mode guest text on
# vCPU r2; VM r6 gets an in-kernel irqchip and PIT state; a second vCPU is added to r1 at the end.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000180)={0x79, 0x0, 0xe53})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f0000000100)="66b9800000c00f326635002000000f303e660fc7730c66b9800000c00f326635010000000f30f3af0fc7af0f0036660f38036a7466b9800000c00f326635001000000f30640f09ba4200ed260f1dbeb500", 0x51}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0xf}], 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# VM fd r4 is closed here but used again below for KVM_CREATE_VCPU. NOTE(review): the
# descriptor number may have been reused by r6 in between; the log does not show that.
close(r4)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$KVM_CREATE_PIT2(r6, 0x4040ae77, &(0x7f0000000080)={0x80000003})
ioctl$KVM_SET_PIT2(r6, 0x4070aea0, &(0x7f00000001c0)={[{0x4ddbb8f7, 0x9, 0x4, 0x7, 0xf9, 0xe8, 0xfb, 0x5, 0x4, 0x3, 0x7, 0x40, 0x10001}, {0x2, 0x924, 0x78, 0xd, 0x5, 0x8, 0x99, 0x1, 0x81, 0x9, 0x2, 0x8, 0x37}, {0xfffffff9, 0x3, 0xe, 0x1, 0x40, 0x5, 0x2, 0xf, 0x8, 0x4, 0x4, 0xc, 0x10000000000005}], 0x6})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x50040, 0x0)
ioctl$KVM_GET_MSR_FEATURE_INDEX_LIST(r7, 0xc004ae0a, &(0x7f0000000240)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r8 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
# vCPU r8 is run without any syz_kvm_setup_cpu call for it in this program.
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)

2m45.531225207s ago: executing program 3 (id=632):
# Program id=632: vCPUs r5 (64-bit text) and r12 (32-bit text) are set up and run; vCPU r2
# is given real-mode text but never run; VM r9 gets an irqchip, two vCPUs and an IOAPIC state write.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x60000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r5, 0x4068aea3, &(0x7f0000000100)={0xc7, 0x0, 0x1})
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000c1b000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000040)="b9b00a00000f324e0fc71866ba2000ec66ba6100ecdac7b805000000b90a0000000f01d90f20d835080000000f22d8b805000000b9f2ffffff0f01c1660f50d2c4421dbaec", 0x45}], 0x1, 0x55, &(0x7f0000000100), 0x0)
# No KVM_CREATE_IRQCHIP is issued on VM r4 in this program before this IRQ-line call.
ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, &(0x7f0000000200)={0x3, 0x81})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f0000000100)="ba4200ecbaf80c66b8e74be68a66efbafc0cec0f01cf670f01c22e0fc7b80180baf80c66b8eeff898466efbafc0cb80600efd8db0f1849b766b9800000c00f326635000100000f300f01c3", 0x4b}], 0x1, 0x10, &(0x7f0000000540)=[@flags={0x3, 0x40}], 0x1)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
# The mmap length is the value returned by KVM_GET_VCPU_MMAP_SIZE, but the fd argument is -1.
mmap$KVM_VCPU(&(0x7f000000e000/0x3000)=nil, r7, 0x2000004, 0x4010032, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r9, 0xae60)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x1)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r11, r12, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f00000000c0)="c4e1dc55c32ef30fc733ea00800000c2000f32f30fc7b328ffffff650f01c52e6465650fa2b9800000c00f3235000800000f3066b830018ec0c4e27d349000000000", 0x42}], 0x1, 0x53, &(0x7f0000000080)=[@flags={0x3, 0x4400}, @cr0={0x0, 0x8000000e}], 0x2)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
# Writes a 24-entry @ioapic state (chip id 0x2) to VM r9.
ioctl$KVM_SET_IRQCHIP(r9, 0x8208ae63, &(0x7f0000000440)={0x2, 0x0, @ioapic={0x200000, 0xc, 0x800, 0xa0ba, 0x0, [{0xb9, 0x5c, 0x4, '\x00', 0x7}, {0x2, 0x5, 0x2, '\x00', 0x1}, {0xe, 0xb4, 0x1, '\x00', 0x80}, {0x3, 0x9, 0xc6, '\x00', 0x8}, {0x7, 0x8, 0xc, '\x00', 0xd9}, {0x7a, 0x2, 0x3e}, {0x7, 0x2, 0x8}, {0xf, 0x0, 0x44, '\x00', 0x3}, {0x40, 0x5, 0x2, '\x00', 0x8}, {0x6, 0xba, 0x2, '\x00', 0x5}, {0x5, 0x0, 0x4, '\x00', 0xb}, {0x0, 0xfb, 0x4, '\x00', 0x6c}, {0x5, 0xfa, 0x8, '\x00', 0x7}, {0x7, 0xfb, 0x6, '\x00', 0xed}, {0x0, 0x3, 0x3}, {0x7d, 0x40, 0x1, '\x00', 0x9}, {0x4, 0x2, 0xa, '\x00', 0x2}, {0xa7, 0x86, 0x6}, {0x5, 0x9, 0x9, '\x00', 0xa}, {0x1, 0xd, 0x10, '\x00', 0x4}, {0x8, 0x99, 0x8, '\x00', 0x9}, {0x1, 0x7, 0x7, '\x00', 0x7}, {0x1, 0x7, 0x3, '\x00', 0x6}, {0x6, 0x8, 0x9, '\x00', 0xff}]}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x1)
# The last two calls pass -1 where a vCPU fd is expected.
syz_kvm_setup_cpu$x86(r14, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000180)="66b94aa400000f32ba4000ed0f01d1660f3a0dab8cebbc65660fc7b20000670f20c10fec29baf80c66b850f0098f66efbafc0ced66b85f0000000f23d80f21f86635400000200f23f826f0f61f", 0x4d}], 0x1, 0x46, &(0x7f0000000200), 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

2m45.369151174s ago: executing program 5 (id=633):
# Program id=633: many calls appear twice in a row, first tagged (async) and then again
# without the tag, so the same ioctl can be in flight concurrently on the same descriptor.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x10) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
# The size query is issued on fd -1, and the mmap that uses its result is given VM fd r4
# where the call name (mmap$KVM_VCPU) expects a vCPU fd.
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f000081d000/0x2000)=nil, r5, 0x3, 0x113, r4, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1) (async)
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0xb000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000140)="9a1a0000000c0066baf80cb882120c8eef66bafc0cb08ceec74424000a000000c744240200000000c7442406000000000f011c24b8070000000f23d80f21f835800000300f23f8f2afb8010000000f01c1b9e80800000f32c4c1fa7f56e60f796b3ab80e7000000f23d80f21f835000000c00f23f8", 0x75}], 0xaaaaaaaaaaaac8b, 0x46, &(0x7f00000000c0)=[@cr0={0x0, 0x2a}], 0x1)
# KVM_RUN is issued twice on vCPU r7, the first time asynchronously.
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
# Both calls request vCPU id 0x0 on VM r1.
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x1)
# The unmapped page 0x7f000045e000 lies inside the 0x400000-byte range starting at
# 0x7f0000002000 that was just handed to syz_kvm_setup_syzos_vm$x86.
syz_kvm_setup_syzos_vm$x86(r10, &(0x7f0000002000/0x400000)=nil)
munmap(&(0x7f000045e000/0x1000)=nil, 0x1000)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000001c0)="0f20d86635200000000f22d8f30fc77006f3d3d366b800a000000f23d80f21f86635c00000500f23f8640f01c5360f00dbbaf80c66b8e704838b66efbafc0cec260f209dbaf80c66b84627838e66efbafc0ced0f01c4", 0x56}], 0x1, 0xa, &(0x7f0000000540)=[@dstype0={0x6, 0x40000005}], 0x1) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000001c0)="0f20d86635200000000f22d8f30fc77006f3d3d366b800a000000f23d80f21f86635c00000500f23f8640f01c5360f00dbbaf80c66b8e704838b66efbafc0cec260f209dbaf80c66b84627838e66efbafc0ced0f01c4", 0x56}], 0x1, 0xa, &(0x7f0000000540)=[@dstype0={0x6, 0x40000005}], 0x1)
# 0x7f0000017000..0x7f000001b000 overlaps the 0x18000-byte setup ranges used above
# (0x7f0000001000.. and 0x7f0000000000..).
munmap(&(0x7f0000017000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000017000/0x4000)=nil, 0x4000)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f00000000c0)="2e0f01c8660f38811e0f20c035000001000f22c0640091bb7f1a82f30fc7b575880000ff290f01df0f20da0f01cb66660f6a3e", 0x33}], 0x1, 0x12, &(0x7f0000000100)=[@cstype3={0x5, 0x4}], 0x1)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

2m23.542496782s ago: executing program 35 (id=632):
# Logged as "program 35" with id=632, the same id as the "program 3" entry at 2m45.53s ago;
# the call sequence appears identical to that entry.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x60000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r5, 0x4068aea3, &(0x7f0000000100)={0xc7, 0x0, 0x1})
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000c1b000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000040)="b9b00a00000f324e0fc71866ba2000ec66ba6100ecdac7b805000000b90a0000000f01d90f20d835080000000f22d8b805000000b9f2ffffff0f01c1660f50d2c4421dbaec", 0x45}], 0x1, 0x55, &(0x7f0000000100), 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, &(0x7f0000000200)={0x3, 0x81})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
# vCPU r2 is given real-mode text here but no KVM_RUN is issued on it in this program.
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f0000000100)="ba4200ecbaf80c66b8e74be68a66efbafc0cec0f01cf670f01c22e0fc7b80180baf80c66b8eeff898466efbafc0cb80600efd8db0f1849b766b9800000c00f326635000100000f300f01c3", 0x4b}], 0x1, 0x10, &(0x7f0000000540)=[@flags={0x3, 0x40}], 0x1)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
# mmap is attempted with fd -1.
mmap$KVM_VCPU(&(0x7f000000e000/0x3000)=nil, r7, 0x2000004, 0x4010032, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r9, 0xae60)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x1)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r11, r12, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f00000000c0)="c4e1dc55c32ef30fc733ea00800000c2000f32f30fc7b328ffffff650f01c52e6465650fa2b9800000c00f3235000800000f3066b830018ec0c4e27d349000000000", 0x42}], 0x1, 0x53, &(0x7f0000000080)=[@flags={0x3, 0x4400}, @cr0={0x0, 0x8000000e}], 0x2)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r9, 0x8208ae63, &(0x7f0000000440)={0x2, 0x0, @ioapic={0x200000, 0xc, 0x800, 0xa0ba, 0x0, [{0xb9, 0x5c, 0x4, '\x00', 0x7}, {0x2, 0x5, 0x2, '\x00', 0x1}, {0xe, 0xb4, 0x1, '\x00', 0x80}, {0x3, 0x9, 0xc6, '\x00', 0x8}, {0x7, 0x8, 0xc, '\x00', 0xd9}, {0x7a, 0x2, 0x3e}, {0x7, 0x2, 0x8}, {0xf, 0x0, 0x44, '\x00', 0x3}, {0x40, 0x5, 0x2, '\x00', 0x8}, {0x6, 0xba, 0x2, '\x00', 0x5}, {0x5, 0x0, 0x4, '\x00', 0xb}, {0x0, 0xfb, 0x4, '\x00', 0x6c}, {0x5, 0xfa, 0x8, '\x00', 0x7}, {0x7, 0xfb, 0x6, '\x00', 0xed}, {0x0, 0x3, 0x3}, {0x7d, 0x40, 0x1, '\x00', 0x9}, {0x4, 0x2, 0xa, '\x00', 0x2}, {0xa7, 0x86, 0x6}, {0x5, 0x9, 0x9, '\x00', 0xa}, {0x1, 0xd, 0x10, '\x00', 0x4}, {0x8, 0x99, 0x8, '\x00', 0x9}, {0x1, 0x7, 0x7, '\x00', 0x7}, {0x1, 0x7, 0x3, '\x00', 0x6}, {0x6, 0x8, 0x9, '\x00', 0xff}]}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x1)
# The last two calls pass -1 where a vCPU fd is expected.
syz_kvm_setup_cpu$x86(r14, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000180)="66b94aa400000f32ba4000ed0f01d1660f3a0dab8cebbc65660fc7b20000670f20c10fec29baf80c66b850f0098f66efbafc0ced66b85f0000000f23d80f21f86635400000200f23f826f0f61f", 0x4d}], 0x1, 0x46, &(0x7f0000000200), 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

2m23.497443172s ago: executing program 36 (id=628):
# Logged as "program 36" with id=628, the same id as the "program 4" entry at 2m46.24s ago;
# the call sequence appears identical to that entry.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="66b80500000066b9bc8000000f01d90fc7acc661baa10066b80000000066ef0f01d13cae64640f01c50f0f0790e058ed0f215bbaf80c66b811dff08eb87d008ed8bafc0cec", 0x45}], 0x1, 0xd807f916f4a3e29d, &(0x7f0000000140)=[@vmwrite={0x8, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3}], 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f00000001c0)={0x9, 0x0, [{0x26a, 0x0, 0xffdffffffffffff7}, {0x40000081, 0x0, 0x1}, {0xbda, 0x0, 0x8000}, {0x928, 0x0, 0x1000}, {0xb3f, 0x0, 0x7a167904}, {0x2c5, 0x0, 0x9}, {0x2e8, 0x0, 0x100}, {0x937, 0x0, 0xb}, {0xad8}]})
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
# Only vCPU r2 is run; r6 and r9 just have MSRs written.
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000300)={0x9, 0x0, [{0x4b564d04, 0x0, 0x7}, {0x368, 0x0, 0x7a}, {0x30b, 0x0, 0x5}, {0x3a7, 0x0, 0x9}, {0x8a6, 0x0, 0x9}, {0x326, 0x0, 0xa}, {0x28c, 0x0, 0x1000}, {0xbe1, 0x0, 0x502}, {0x37a, 0x0, 0x6}]})
ioctl$KVM_CAP_X2APIC_API(r8, 0x4068aea3, &(0x7f0000000080)={0x81, 0x0, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x1, 0x1000, 0x1000, &(0x7f0000001000/0x1000)=nil})
# Final setup call passes -1 where a vCPU fd is expected.
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000480)="66b9800000c00f326635002000000f303e660fc7730c66b9800000c00f326635010000000f30f3af0fc7af0f0036660f38036a7466b9800000c00f326635001000000f30640f09ba4200ed260f1dbeb500", 0x51}], 0x1, 0x5a, &(0x7f00000001c0)=[@flags={0x3, 0x6000}, @dstype3={0x7, 0x2}], 0x2)

2m23.441167612s ago: executing program 37 (id=633):
# Logged as "program 37" with id=633, the same id as the "program 5" entry at 2m45.37s ago;
# the call sequence appears identical to that entry. Calls tagged (async) are not waited
# for before the next call is issued.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x10) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f000081d000/0x2000)=nil, r5, 0x3, 0x113, r4, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1) (async)
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0xb000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000140)="9a1a0000000c0066baf80cb882120c8eef66bafc0cb08ceec74424000a000000c744240200000000c7442406000000000f011c24b8070000000f23d80f21f835800000300f23f8f2afb8010000000f01c1b9e80800000f32c4c1fa7f56e60f796b3ab80e7000000f23d80f21f835000000c00f23f8", 0x75}], 0xaaaaaaaaaaaac8b, 0x46, &(0x7f00000000c0)=[@cr0={0x0, 0x2a}], 0x1)
# KVM_RUN is issued twice on vCPU r7, the first time asynchronously.
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x1)
syz_kvm_setup_syzos_vm$x86(r10, &(0x7f0000002000/0x400000)=nil)
munmap(&(0x7f000045e000/0x1000)=nil, 0x1000)
# Both setup calls pass -1 as the VM fd together with vCPU r8.
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000001c0)="0f20d86635200000000f22d8f30fc77006f3d3d366b800a000000f23d80f21f86635c00000500f23f8640f01c5360f00dbbaf80c66b8e704838b66efbafc0cec260f209dbaf80c66b84627838e66efbafc0ced0f01c4", 0x56}], 0x1, 0xa, &(0x7f0000000540)=[@dstype0={0x6, 0x40000005}], 0x1) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000001c0)="0f20d86635200000000f22d8f30fc77006f3d3d366b800a000000f23d80f21f86635c00000500f23f8640f01c5360f00dbbaf80c66b8e704838b66efbafc0cec260f209dbaf80c66b84627838e66efbafc0ced0f01c4", 0x56}], 0x1, 0xa, &(0x7f0000000540)=[@dstype0={0x6, 0x40000005}], 0x1)
munmap(&(0x7f0000017000/0x4000)=nil, 0x4000) (async)
munmap(&(0x7f0000017000/0x4000)=nil, 0x4000)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f00000000c0)="2e0f01c8660f38811e0f20c035000001000f22c0640091bb7f1a82f30fc7b575880000ff290f01df0f20da0f01cb66660f6a3e", 0x33}], 0x1, 0x12, &(0x7f0000000100)=[@cstype3={0x5, 0x4}], 0x1)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

1m34.491400301s ago: executing program 6 (id=949):
# Program id=949: one VM (r1) runs 32-bit guest text on vCPU r4; VMs r3 and r6 only receive
# VM-level ioctls (Hyper-V eventfd, enc-context-move capability).
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# Capability call on fd -1, issued before any VM exists.
ioctl$KVM_CAP_X86_BUS_LOCK_EXIT(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140))
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
# The second field of the argument struct is all-ones (-1); by its position it looks
# like the eventfd descriptor — TODO confirm against the syzkaller description.
ioctl$KVM_HYPERV_EVENTFD(r3, 0x4018aebd, &(0x7f0000000000)={0x2, 0xffffffffffffffff, 0x1})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000040)="2e0f01c8660f38811e0fc72b0f00919b331a82f30fc7b575880000ff290f01df0f20da0f01cb66660f6a3e", 0x2b}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80100, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM(r6, 0x4068aea3, &(0x7f00000000c0)={0xe1})
# Unmaps 0x7f0000001000..0x7f0000003000, which lies inside the 0x18000-byte range passed to
# syz_kvm_setup_cpu$x86 above.
munmap(&(0x7f0000001000/0x2000)=nil, 0x2000)

1m34.351414152s ago: executing program 7 (id=950):
# Program id=950: r0 and r1 derive from a KVM_CREATE_VM call on fd -1, so they presumably
# never hold valid descriptors; the only VM created from an opened device fd is r3 (vCPU r4).
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
# The text-array count argument is 0x0 here although one @text64 entry is supplied.
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000006000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000240)="c744240038000000c74424027e12568cc7442406000000000f011424490fc728c461f1d3edb805000000b960fb00000f01d926f3460f0966ba6100edc4c281b6bc5200000080c4010d610d31000000f2f2660f0d6966b9ea0200000f32", 0x5d}], 0x0, 0x58, &(0x7f0000000540), 0x0)
# Pairs VM r3 with r1, a vCPU value that was not created from r3.
syz_kvm_setup_cpu$x86(r3, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000140)="f30f1ecb66b9800000c00f326635002000000f3064260f22a40f017034ba2000ed0f06fd66b8bc8e00000f23c80f21f866350c0030000f23f8f20f1a7aa10f01c4", 0x41}], 0x1, 0x38, &(0x7f0000000540), 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# Both PIT ioctls are issued on fd -1.
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000080)={0x80000003})
ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f00000001c0)={[{0x4ddbb8f7, 0x9, 0x4, 0x7, 0xf9, 0xe8, 0xfb, 0x5, 0x4, 0x3, 0x7, 0x40, 0x10001}, {0x2, 0x924, 0x78, 0xd, 0x5, 0x8, 0x99, 0x1, 0x81, 0x9, 0x2, 0x8, 0x37}, {0xfffffff9, 0x3, 0xe, 0x1, 0x40, 0x5, 0x2, 0xf, 0x8, 0x4, 0x4, 0xc, 0x10000000000005}], 0x6})
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000040)=@x86={0x3, 0xfa, 0x0, 0x0, 0x9, 0x4, 0x5, 0xe0, 0x12, 0x4, 0x5, 0x0, 0x0, 0x20a, 0xf, 0x9, 0x3, 0xb, 0x9, '\x00', 0x2, 0x952})
# KVM_RUN targets r1; vCPU r4 is never run in this program.
ioctl$KVM_RUN(r1, 0xae80, 0x0)

1m34.28128228s ago: executing program 8 (id=951):
# Program id=951: three VMs (r1, r3, r7) with one vCPU each (r5, r4, r8). Most calls are
# tagged (async), so creation, setup and KVM_RUN calls on the same VM are not strictly ordered.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x60000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
# irqchip creation and vCPU creation on VM r3 are both async, followed by PIT creation.
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) (async)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f00000001c0)={0x10001})
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000c1b000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000040)="0fca0f3266ba2000ec66ba6100ecdac767400f204100000000000f01d90f20d835080000000f22d8b805000000b9f2ffffff0f01c1660f50d2c4421dbaec", 0x3e}], 0x1, 0x3, &(0x7f0000000100), 0x0)
# Two async KVM_RUN calls on the same vCPU r4.
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_CAP_DISABLE_QUIRKS2(r1, 0x4068aea3, &(0x7f00000000c0)={0xd5, 0x0, 0x71}) (async)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
# This capability call is issued on r0, the /dev/kvm descriptor, not on a VM fd.
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r0, 0x4068aea3, &(0x7f0000000140)={0xdf, 0x0, 0x1c000}) (async)
syz_kvm_setup_cpu$x86(r7, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000040)="660fd195ad00aa412e670f2125b9800000c00f3235002000000f30b95b090000b800400000ba000000000f300f01cbb805000000b9050000000f01c10f3266b8c6008ee08fe9609b12b84f0000000f23d80f21f835800000700f23f8", 0x5c}], 0x1, 0x10, &(0x7f00000000c0)=[@efer, @cstype0={0x4, 0x4}], 0x2) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
# The r1/r5 setup uses the same 0x7f0000000000/0x18000 range as the async r7/r8 setup above.
syz_kvm_setup_cpu$x86(r1, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000200)="0f06b805000000b90b0000000f01d9b9800000c00f3235000100000f30450f2370c442bdbff00f20d835200000000f22d80f01d10f01c80f01ca262666f3400f01e8", 0x42}], 0x1, 0x10, &(0x7f0000000540)=[@flags={0x3, 0x40}], 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1m34.280910661s ago: executing program 7 (id=952):
# Program id=952: four VMs (r2, r5, r8, r11); only vCPU r6 of VM r5 is given guest code and
# run. Several calls pair an ioctl with a descriptor or argument variant of a different kind.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
munmap(&(0x7f0000001000/0x2000)=nil, 0x2000)
# The argument buffer at 0x7f0000001dc0 falls inside the range unmapped by the previous call.
ioctl$KVM_GET_SUPPORTED_HV_CPUID_sys(r4, 0xc008aec1, &(0x7f0000001dc0)={0x9, 0x0, [{0x4, 0x0, 0x1, 0x5, 0xfffffff9, 0x17dd, 0x80}, {0x80000007, 0x1ff, 0xa3285bcdf80d2081, 0x0, 0xe, 0x1, 0xff}, {0xc0000001, 0x9e0, 0x2, 0x406, 0x7fc, 0x6, 0x63}, {0x80000000, 0xffffffff, 0x3, 0xfffffffb, 0x2, 0xffff, 0x9}, {0x80000000, 0x6, 0x5, 0x2a2, 0x1ff, 0x4, 0x9}, {0x80000001, 0x9, 0x5, 0xb, 0x6, 0x9, 0x9}, {0x3, 0x8, 0x3, 0x800, 0x1, 0x3, 0x3}, {0x0, 0x7, 0x1, 0x109, 0x1, 0xa83f, 0x1}, {0xc0000006, 0x0, 0x2, 0x5, 0x5, 0x3, 0x3}]})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000000c0)={0x4, 0x0, [{0x587, 0x0, 0x200000ac}, {0x669, 0x0, 0x8000000000000000}, {0x60a, 0x0, 0x3}, {0x81b, 0x0, 0x4}]})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000040)="2e0f01c8660f38811e0fc72b0f00919b331a82f30fc7b575880000ff290f01df0f20da0f01cb66660f6a3e", 0x2b}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
# A TDX finalize ioctl on a VM created with type 0x1, and a vCPU-events call using the
# @arm64 argument variant on a vCPU that was set up through the $x86 helper.
ioctl$KVM_TDX_FINALIZE_VM(r5, 0xc008aeba, &(0x7f00000001c0))
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000180)=@arm64={0x1, 0x0, 0x3})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f00000000c0)={0x5, 0x0, [{0xc1, 0x0, 0xf8}, {0x408, 0x0, 0x2d40000}, {0xf27ecc57c4edc152}, {0x21c, 0x0, 0x80000000006}, {0xa82, 0x0, 0x100000000}]})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x1)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_GET_MSRS_cpu(r12, 0xc008ae88, &(0x7f0000000180)={0x3, 0x0, [{0x40000104, 0x0, 0x41}, {0x31c, 0x0, 0x5}, {0xa0f, 0x0, 0x2}]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
# KVM_SET_CPUID2 is issued on r5, a VM fd, after the run.
ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f0000000080)={0x6, 0x0, [{0x40000000, 0x4, 0x6, 0xad9, 0x0, 0x0, 0x100}, {0x8000000a, 0x7, 0x6, 0x0, 0xffffffff, 0x6, 0x8001}, {0x40000000, 0x2, 0x3, 0x1, 0x2, 0x16091d37, 0x5}, {0xb, 0x6, 0x5, 0x1000, 0x4, 0x7bd, 0x1}, {0xb, 0x105, 0x2, 0x5, 0x1, 0x1, 0x3ff}, {0x6, 0xffffffff, 0xe, 0xb6, 0xa5, 0x10, 0xb1}]})

1m34.171441981s ago: executing program 6 (id=953):
# Program id=953: one syz_kvm_add_vcpu$x86 call with a long nested-virtualization command
# list, then a separate VM r1 / vCPU r2 that is given 64-bit guest text and run twice.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
# The first argument is 0x0 rather than a resource from an earlier call, and the return
# value is not stored, so nothing later in the program refers to a vCPU added here.
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000a00)={0x0, &(0x7f0000000580)=[@nested_amd_vmload={0x182, 0x18, 0x1}, @enable_nested={0x12c, 0x18}, @enable_nested={0x12c, 0x18}, @nested_intel_vmwrite_mask={0x154, 0x38, {0x2, @host16=0x9, 0xb47, 0x0, 0x7fffffffffffffff}}, @out_dx={0x6a, 0x28, {0x485a, 0x0, 0x100000000}}, @cpuid={0x64, 0x18, {0xfffff091, 0x4}}, @nested_load_code={0x12e, 0x99, {0x1, "b805000000b9010000000f01c1c744240042b57de4c744240200f030fbc7442406000000000f011c24c441f92fce66baf80cb8a4761d8bef66bafc0cb801000000efb805000000b9000000800f01d9f0811c2b0000000066baa100b8f55634cdef66ba200066b837dd66ef6442dda7ecee0000b9800000c00f3235004000000f30"}}, @nested_load_syzos={0x136, 0x30, {0x6, 0x6, [@nested_amd_clgi={0x17f, 0x10}]}}, @nested_amd_set_intercept={0x181, 0x30, {0x0, 0x9, 0x4}}, @code={0xa, 0x61, {"64660f01b3988b471bc462fd293ab9e60a0000b8009f0000ba000000000f30b805000000b90e0000000f01d90f608831f9dfc866430f3881b11529000066b855008ed80f20e20fc7990f8fd0ff0f01c4"}}, @rdmsr={0x66, 0x18, {0x299}}, @rdmsr={0x66, 0x18, {0x22c}}, @nested_amd_clgi={0x17f, 0x10}, @nested_amd_inject_event={0x180, 0x38, {0x0, 0x4a, 0x5, 0x2}}, @code={0xa, 0x4a, {"42ae410f791f0f011cb745ac66ba6100ec360f01cbb9080800000f32c744240016000000c744240217000000ff2c24410f521666b89b008ee0"}}, @wrmsr={0x65, 0x20, {0x48e, 0x7}}, @out_dx={0x6a, 0x28, {0x90c7, 0x6, 0xdd2a}}, @nested_vmlaunch={0x12f, 0x18, 0x1}, @nested_load_syzos={0x136, 0xd0, {0x1, 0x6, [@nested_amd_inject_event={0x180, 0x38, {0x3, 0x95, 0x5, 0x0, 0x3}}, @enable_nested={0x12c, 0x18}, @nested_amd_set_intercept={0x181, 0x30, {0x1, 0xd, 0x1ff, 0x1}}, @nested_amd_set_intercept={0x181, 0x30, {0x3, 0x9, 0x80f, 0x1}}]}}, @wr_crn={0x67, 0x20, {0x8, 0x6b}}, @nested_amd_vmsave={0x183, 0x18, 0x1}, @nested_vmlaunch={0x12f, 0x18}, @nested_vmlaunch={0x12f, 0x18, 0x2}], 0x474})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000080)="48b82e220000000000000f23c00f21f83501000b000f23f8c4a1fdc64baaa00f01c966470f388156a7b9500300000f32c801d10f20e035000002000f22e00f01c9c482012d56310fc718", 0x4a}], 0x1, 0x51, &(0x7f0000000540), 0x0)
# KVM_RUN is issued twice back to back on the same vCPU.
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m34.081075837s ago: executing program 8 (id=954):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f00000001c0)="440f9557df66350d0000004466b9e00b000066b8cd34000066ba000000000f300f011e0090670fa1c7700a0ac75dadcd6678522e0f35660f3566f20fc25a060f640ff1f2642e0f35660f3a15f100150f20c0c035200000000f22c0", 0x5b}], 0x1, 0x13, &(0x7f0000000080), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x4000000000121)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000040)="2e0f01c8660f38811e0fc72b0f00919b331a82f30fc7b575880000ef290f01df0f20da0f01cb66660f6a3e", 0x2b}], 0x1, 0x26, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x1)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r10, r11, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f00000000c0)="c4e2790e600c430f0130f30f30c4c3856ae9360f0f1aa7f30faec7f3410f58cd66b826010f00d8660f76359400000064660f3806ae00000000", 0x39}], 0x1, 0x4, &(0x7f0000000040)=[@cstype3={0x5, 0xe}], 0x1)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r12 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x1)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
r14 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x74d9c2, 0x0)
r15 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x1)
r16 = ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r15, r16, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000100)="2e360fc7b63300000066baf80cb87800088bef66bafc0ced0f00d80f08f30f090fc7996a000000470f626c51a6f3460f1ec667640fc77ce0bd266644e900000000673ef242d9f2", 0x61}], 0x1, 0x6, &(0x7f0000000540), 0x1)
syz_kvm_setup_cpu$x86(r12, r13, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000440)="66b9800000c00f326635000100000f30670f322e3e660fd4620d0f603464f3af66b98109000066b80800008066ba000000000f3066b94203000066b8351718db66ba805c0b4c0f3066b9130300000f320f32f30b43cf", 0x56}], 0x1, 0x8, &(0x7f00000004c0)=[@dstype0={0x6, 0x8}], 0x1)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@arm64={0x2, 0xe, 0x7, '\x00', 0x100})
ioctl$KVM_RUN(r13, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x1)

1m33.941273999s ago: executing program 6 (id=955):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000100)="440f01dfb9d1080000c4c31d5db65fcf0000650f23b9f30f0f01b066baf80cef66bafc0ced43e3842e0f015f00440f0138660f3a631835", 0x37}], 0x1, 0x51, &(0x7f0000000200)=[@vmwrite={0x8, 0x0, 0x7, 0x0, 0x2, 0x0, 0x3, 0x0, 0x800005}, @efer={0x2, 0xd00}], 0x2a)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f00000000c0)="f2f40f011e0090670fc7700a0fc75dad66f32e0f350f01cff20fc25a060f640ff1f266b9e00800000f320f20c06635200000000f22c0", 0x36}], 0x1, 0x13, &(0x7f0000000540)=[@cstype3={0x5, 0x12}], 0x1)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80100, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_X86_SET_MSR_FILTER(r7, 0x4188aec6, &(0x7f00000008c0)={0x1, [{0x3, 0x4d0, 0x7, &(0x7f0000000080)="d1ccd4ceda6abf0abc792e65d4a4ace9c8343620c221c6e99d9a793ed47555b4b0daaebd03d0053dec9c51e8076e1adf228633289e2d769f03ca6a74e1b97d6139ce7837bb76763cd827412623d1622c9b270c49c24c4a368d18b3291d763a23287e6985a6b32c0f88eb074677b921b3aac09fd98ca5df3f6f056a6833dc0c340f2bb0a2bbd987e35daac096233b7eb95780f71e06c75d7eff9f"}, {0x2, 0x2d0, 0x4, &(0x7f0000000140)="80b4fa62f546a3a2bf3bf86563aaa947aa75cd7d51adf4507c10488dc786f769248056dcef0feaa553d0f1fe414a608442127f9d6e0df4ea30b0aa6963cad80ad94e2de4474e39ba30c555cc6376982370a757be0586636b81ea"}, {0x2, 0x7c8, 0x10000, &(0x7f0000000240)="684f35a217235767d52dce3db993f8308a49d2f9cd972ea612912ba78f5870396c82d5b028a7245c637547d34870fd2c42bfb74377e9adf8602e8d62761669ce26a281af087b1ea17e060b98aa0b4217c254d88ed41c8f0db92e9a44184af12ea92829b64c96afd233f61a4e2298408b8eed3b3883d989ed60e6db05ff8d9fb9f9dfe7ff69132e27b1fd517973425d60da997c16d699ea608e6459e87705de9f3114b5542c7b94a30f8bdc101eff6f28119dc4cbb6c8eb756c166b9fa1334f4c267235376b1df8e4539a924fd4b1a7a14bcf1723ca52e4d42fe9261e8dcf86668932a3dea118d69f4a18d5fd745776757f165ecb8e4b1fe09b"}, {0x1, 0x200, 0xb9b, &(0x7f0000000340)="87b76e742e0344a0a93c5de5c9b7cea900fb0901d817cf2ff9b2de20e2966dc0648c9fd85101841fff8043104b591649597bbfa2c4faff5a3645f0d38e315ffb"}, {0x1, 0x368, 0x464942f4, &(0x7f0000000380)="df74f2d64ec133e715c608349e1eed1318a0824b376d022ef006a2f7bb436ac11fa97d3649163036b80e4090370089de987886bc04aaab112694caffb7609bb18cd852fdab91cc409da05c73f24dc4c2369daff78b1408500cca361ffbc882a026965043ef28d40acfe0f70241"}, {0x2, 0x1c8, 0x81, &(0x7f0000000400)="e287985def564ee6468949bf4f3073fc998a99ad0d1ba11617b16de47a0974d5f694ae19ff78f6bdc8e2ea832e4ba39653e1c539633b30b31c"}, {0x1, 0x130, 0x2, &(0x7f0000000880)="99820bd4582ebd5f1e68b4e2a375aff9e35987fd24d324c0977e46f518c67cd880debf074bfc"}, {0x3, 0xf0, 0x10000, &(0x7f0000000480)="36d526f11ca488d3c7fb58acb1a6bf0a36b903968e146ecd630fbb440997"}, 
{0x3, 0x778, 0x80000000, &(0x7f00000004c0)="50f01c71f82396bfe60470b9b2e6c1895f32b50794774384c8d4c6fe83a0fbb0590c708f35f6a522442b55baf5f7e9370c452543df105835f0831901438890a4bf0c5cae5da62524f0fde908bb0939f32629f331b3866554a55391097be1a54f7a9a71ebf246665b2c86779efe147bab079fa81576bd2c1a103f284e32b030d2604a62ab19b9a0ac460aef541fba9a699c7aa67b588937ecd85468ee3e17690d85e0296a1aeb00211bfaf5413310bcb158aa1f7004bad375de2962bad47b882f786899f4fc127356540cf895040a16596301964d33d4b51403d334b693045b2d8cab042935bc4ec430acc4107a5aa6"}, {0x2, 0x570, 0x1, &(0x7f00000005c0)="f3b51771525adbb0ba93a218adc52fda22801dd6d4450d522cb272eff6a80da15e6fdd6eaae97b71055f3dcfbb001ed52a32395c8092a36d5d8647f1492b885f02761dcd07235b6d062e1fc0ca4ac92a26b3d1c92c0c22594ffea32f0faba406da352278ca996307be52b83b9e70ef9e55646a4b136d23a62447795bfde74fce29cc02d2af09e49b6fdff924ffb29dabd0dcb36d6ad12aa4475332bdf5a7a3f00c7986597039e767a443b5906484"}, {0x3, 0x6b8, 0xc, &(0x7f0000000b00)="c450adadac44c6cfb16f05683021fb27554ea6d19c8637e1313f3cf62b12ddb18f6b664e7a8425c2034ff9a24bd020be6e075d1c88fa44bebd08f71a09dd57758fccfc0500149cc25fa80d08abd96318af00dec6a4f5fdf2dd774c8b2d4a68d50d292dafd6be6720bd91000000000000000000000000000000d7d15a8b65398693bf81ac3eac0e31e9a802133ba80fae97615357dd25d88273b02582889d1edc012dc67614c00237e56a46dbc6d0aaf15518f5c4e6689c70f8807da63ae0e0c10172ca20ca9054569e8a6a84e1f89158846a73fe7b3c4b"}, {0x1, 0x300, 0x6, &(0x7f0000000700)="debfe1068254a9fce02e48480cb0d5f61f4e82432bc004b176696b191deddd8f5d7848af24d57c34c499437ba4495da7bf268b02eba1a65c2ad72aa9f7d3f9e284789b035df3d8c79e019039d3bf767e3550ce136244213d61f86bcdc0cb656d"}, {0x1, 0x1d0, 0x9, &(0x7f0000000780)="6d2ab5dec9f765b051a887b82f6b9321503c0e8c15355fb9492753c01e59e85cddbc980f3a3fbe5c2b465077babc9ca76cdb27806f07e7c5365b"}, {0x2, 0x300, 0x15344c15, 
&(0x7f00000007c0)="4733057c782a5ddc19d52bd5c76b5eb2d62e1973d10bcb4ebf715cd0bd58a70a2949581024d9b9cdbb54bebf69141657bf5bbafffd23d07e7ffb31d2d7363391d8d6bb069fe7a3ddbcce43843de76f2d92e6c19c3f77c5f480d88eccb12ecc7c"}, {0x2, 0xa8, 0x3, &(0x7f0000000840)="02985ee3ee9a4804af43aba767fdf5c30e48b6bb2d"}, {0x2, 0x0, 0x1000, &(0x7f0000000880)}]})
ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f00000001c0))
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x1)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
ioctl$KVM_GET_MSRS_cpu(r11, 0xc008ae88, &(0x7f0000000140)={0x5, 0x0, [{0x0, 0x0, 0x8}, {0x200, 0x0, 0x8}, {0xa9e, 0x0, 0x5}, {0xc0010114, 0x0, 0x80}, {0x9c3, 0x0, 0x3}]})
ioctl$KVM_CAP_X86_APIC_BUS_CYCLES_NS(r10, 0x4068aea3, &(0x7f0000000680)={0xed, 0x0, 0xffffffffffffffc5})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r4, 0xc004aea7, &(0x7f0000000440)=0x3)

1m33.940925213s ago: executing program 7 (id=956):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0xb000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000100)="2e360fc7b63300000066b846000f00d80f08f30f090fc7996a000000b9b10900000f32f3460f1ec6f20f704f0ee2266644e900000000673ef242d9f2", 0x3c}], 0x1, 0x3f, &(0x7f00000000c0)=[@cr0={0x0, 0x2a}], 0x1)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, r10, 0x0, 0x13, r9, 0x0)
ioctl$KVM_SET_LAPIC(r9, 0x4400ae8f, &(0x7f0000000580)={"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"})
r11 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000140)="9a1a0000000c0066baf80cb882120c8eef66bafc0cb08ceec74424000a000000c744240200000000c7442406000000000f011c24b8070000000f23d80f21f835800000300f23f8f2afb8010000000f01c1b9e80800000f32c4c1fa7f56e60f796b3ab80e7000000f23d80f21f835000000c00f23f8", 0x75}], 0x1, 0x46, &(0x7f00000000c0)=[@cr0={0x0, 0x2a}], 0x1)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r12, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000001c0)="0f20d86635200000000f22d8f30fc77006f3d3d366b800a000000f23d80f21f86635c00000500f23f8640f01c5360f00dbbaf80c66b8e704838b66efbafc0cec260f209dbaf80c66b84627838e66efbafc0ced0f01c4", 0x56}], 0x1, 0xa, &(0x7f0000000540)=[@dstype0={0x6, 0x40000005}], 0x1)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f00000000c0)="2e0f01c8660f38811e0f20c035000001000f22c0640091bb7f1a82f30fc7b575880000ff290f01df0f20da0f01cb66660f6a3e", 0x33}], 0x1, 0x12, &(0x7f0000000100)=[@cstype3={0x5, 0x4}], 0x1)
ioctl$KVM_RUN(r12, 0xae80, 0x0)

1m33.259385294s ago: executing program 7 (id=957):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r6 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, r6, 0x3000000, 0x8013, r4, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x5b1882, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r7, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, r10, 0x0, 0x13, r9, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000040)="2e0f01c8660f38811e0fc72b0f00919b331a82f30fc7b575880000ff290f01df0f20da0f01cb66660f6a3e", 0x2b}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000180)=@arm64={0x1, 0x0, 0x3, '\x00', 0x3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m33.258537031s ago: executing program 6 (id=958):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f0000000100)="66b9800000c00f326635002000000f303e660fc7730c66b9800000c00f326635010000000f30f3af0fc7af0f0036660f38036a7466b9800000c00f326635001000000f30640f09ba4200ed260f1dbeb500", 0x51}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0xf}], 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000240)="baf80c66b8ba01378266efbafc0ceddcc7660f38800f660f383d4000660f0158b80f38016a0e0f138e199d0f381edb66b8008000000f23c80f21f866350400d0000f23f866656f", 0x47}], 0x1, 0x46, &(0x7f00000000c0)=[@dstype3={0x7, 0x9}, @cr0={0x0, 0x2}], 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000100)={0x5, 0x0, [{0x40000003, 0x0, 0x1}, {0x3f6, 0x0, 0x7}, {0x28c}, {0xa3b}, {0x924, 0x0, 0x100}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m33.171378455s ago: executing program 8 (id=959):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a80), 0x1, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$x86(r4, &(0x7f0000ada000/0x400000)=nil)
syz_kvm_add_vcpu$x86(r5, &(0x7f0000000280)={0x0, &(0x7f0000000200)})
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) (async)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x3, 0xb3, 0x0, 0xfff, 0x5, 0x6, 0x9, 0xc0, 0x6, 0x6, 0xc7, 0x0, 0x4, 0x5, 0x0, 0x2, 0x28, 0x2, '\x00', 0x0, 0x10001})
ioctl$KVM_SET_GUEST_DEBUG_x86(r2, 0x4048ae9b, &(0x7f0000000100)={0x70002, 0x0, {[0xd7b7, 0x3, 0x101, 0x2, 0x753, 0x7, 0x2, 0x33ba7db60]}})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000040)="f8eab5f75b00baf80c66b8ecd4218766efbafc0c66edbaf80c66b820c2488466efbafc0c66b8aa00000066efb8b2000f00d0363ef3a7f00fab0e00806766c7442400050000006766c7442402590000006766c744240600000000670f011424f2640f015b100f01d1", 0x68}], 0x1, 0x1, &(0x7f0000000140)=[@dstype3={0x7, 0x6}], 0x1)

1m32.941336872s ago: executing program 7 (id=960):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_GET_MSRS_cpu(r3, 0xc008ae88, &(0x7f0000000000)={0x4, 0x0, [{0x1dd, 0x0, 0xfffffffffffff58e}, {0x0, 0x0, 0x4}, {0xb19, 0x0, 0x64}, {0x97c, 0x0, 0x1}]})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
r8 = syz_kvm_setup_syzos_vm$x86(r2, &(0x7f0000bff000/0x400000)=nil)
syz_kvm_add_vcpu$x86(r8, &(0x7f0000000940)={0x0, &(0x7f0000000580)=[@cpuid={0x64, 0x18, {0x400, 0x7f}}, @wr_drn={0x68, 0x20, {0x6, 0x9379}}, @wr_crn={0x67, 0x20, {0x4, 0x9e}}, @wr_crn={0x67, 0x20, {0x4, 0x3fe000000}}, @in_dx={0x69, 0x20, {0x51ea, 0x1}}, @set_irq_handler={0xc8, 0x20, {0xe3}}, @out_dx={0x6a, 0x28, {0xeeca, 0x5, 0x3}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x1, @control_area=0x92, 0x3, 0x7, 0xd}}, @nested_amd_clgi={0x17f, 0x10}, @nested_load_syzos={0x136, 0x150, {0x1, 0x1, [@nested_amd_stgi={0x17e, 0x10}, @enable_nested={0x12c, 0x18}, @cpuid={0x64, 0x18, {0x400, 0x9}}, @cpuid={0x64, 0x18, {0xc}}, @nested_amd_stgi={0x17e, 0x10}, @nested_amd_vmsave={0x183, 0x18, 0x2}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x2, @control_area=0xbd, 0xffffffffffffffff, 0x80, 0x96d}}, @wrmsr={0x65, 0x20, {0xbbe, 0x4}}, @nested_amd_inject_event={0x180, 0x38, {0x0, 0xea, 0x6, 0x19, 0x3}}, @nested_load_syzos={0x136, 0x20, {0x1, 0x7}}]}}, @nested_amd_clgi={0x17f, 0x10}, @out_dx={0x6a, 0x28, {0x2e90, 0x5, 0x7}}, @nested_amd_vmload={0x182, 0x18, 0x2}, @code={0xa, 0xa3, {"66baf80cb88831978aef66bafc0cb806000000ef48b800600000000000000f23c00f21f83500000e000f23f8b9800000c00f3235002000000f3066baf80cb80ac7828def66bafc0c66b86e9166efc4e15d6407660f38803ac744240093000000c744240201000000ff1c243e6441d1dac74424000b000000c744240249000000c7442406000000000f01142466b800018ed0"}}, @wrmsr={0x65, 0x20, {0x328, 0x5}}, @nested_vmlaunch={0x12f, 0x18, 0x3}, @uexit={0x0, 0x18, 0x200}], 0x3bb})
r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000080)={0x4, 0x0, [{0xc001102a, 0x0, 0x10000000009}, {0x481, 0x0, 0x803fc000003}, {0x17, 0x0, 0x80000000}, {0x399, 0x0, 0x400}]})
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000200)="0f06b805000000b90b0000000f01d9b9800000c00f3235000100000f30450f2370c442bdbff00f20d835200000000f22d80f01d10f01c80f01ca262666f3400f01e8", 0x42}], 0x1, 0x10, &(0x7f0000000540)=[@flags={0x3, 0x40}], 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1m32.941059707s ago: executing program 8 (id=961):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000011000/0x1000)=nil, r1, 0x5, 0x4010032, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000480)="66b9800000c00f326635002000000f303e660fc7730c66b9800000c00f326635010000000f30f3af0fc7af0f0036660f38036a7466b9800000c00f326635001000000f30640f09ba4200ed260f1dbeb500", 0x51}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f0000000040)={0x1000, 0x8000})

1m32.849556274s ago: executing program 6 (id=962):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f0000000040)=0x2) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1)
ioctl$KVM_SET_CLOCK(r6, 0x4030ae7b, &(0x7f0000000240)={0x9, 0x300, 0x4, 0x1, 0x200})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x1)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r11, r12, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000040)="f30f5c428e66baf80cb8e24a1787ef66bafc0c66b8ddd366ef36640f3801820018000066baf80cb8b71ad584ef66bafc0cb000eeb9ce0b0000b80f000000ba000000000f3026640f0966b86a008ec0b805000000b9f2ba00000f01d966b80b010f00d0b805000000b9001000000f01d9", 0x70}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
ioctl$KVM_RUN(r12, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r12, 0xae80, 0x0) (async)
r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$KVM_CREATE_VM(r13, 0xae01, 0x1) (async)
r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x29)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r14, 0x4020aed2, &(0x7f0000000300)={0xc000})
syz_kvm_setup_cpu$x86(r8, r9, &(0x7f000001a000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000280)="f3f00fab8eb1290000262e0fc71b26f4b86010e8810f23d00f21f835200000030f23f88226cf2666f32e0f01ba5064f7fc66b85f00bdbde0f2f3df2ef20f0866ba210066ed", 0x45}], 0x1, 0x5a, &(0x7f0000000540)=[@vmwrite={0x8, 0x0, 0x18, 0x0, 0x1, 0x0, 0x3, 0x0, 0x7}], 0x1) (async, rerun: 32)
ioctl$KVM_SET_XCRS(r9, 0x4188aea7, &(0x7f0000000340)={0x8, 0x0, [{0x800, 0x0, 0x10001}, {0x2, 0x0, 0xffffffffffff5b31}, {0x81, 0x0, 0x962}, {0xfffffff7, 0x0, 0x401}, {0x6, 0x0, 0xfffffffffffffffd}, {0x2, 0x0, 0x8}, {0xc7da, 0x0, 0x7ffffffd}, {0x0, 0x0, 0x7}, {0x8, 0x0, 0x6}, {0x4000008, 0x0, 0x2}, {0x100, 0x0, 0x4}, {0xfffffffa, 0x0, 0x9}, {0xfffffffe, 0x0, 0x5}, {0x9, 0x0, 0x100000000010001}, {0x3, 0x0, 0x4000000a}, {0x3, 0x0, 0x80000000000004}]}) (rerun: 32)
r15 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1d)
munmap(&(0x7f0000018000/0x4000)=nil, 0x4000) (async)
ioctl$KVM_GET_MSRS_cpu(r12, 0xc008ae88, &(0x7f0000000140)={0x4, 0x0, [{0xbd9, 0x0, 0x4}, {0x60a, 0x0, 0x9}, {0x4000009b, 0x0, 0x9}, {0x12, 0x0, 0x6}]}) (async)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r15, 0x4008ae73, &(0x7f0000000100)={0x3, 0x5}) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1m32.731186405s ago: executing program 8 (id=963):
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000180)={0x0, &(0x7f0000000000)=[@uexit={0x0, 0x18, 0x6d1d}, @wrmsr={0x65, 0x20, {0x91d, 0x3ce}}, @nested_load_code={0x12e, 0x4f, {0x0, "470f1cf945c1680006f0313a460f0846df9c03b9ceca320f20e035080000000f22e0360f01c8f30f01dfc4c1f5654e5466bad004b004ee"}}, @nested_amd_clgi={0x17f, 0x10}, @nested_amd_inject_event={0x180, 0x38, {0x1, 0x90, 0x5, 0x2, 0x1}}, @nested_amd_vmsave={0x183, 0x18}, @nested_vmlaunch={0x12f, 0x18, 0x2}, @nested_amd_invlpga={0x17d, 0x20, {0x30000, 0xbd02}}, @rdmsr={0x66, 0x18, {0x1dd}}, @nested_amd_invlpga={0x17d, 0x20, {0x26000, 0x4e89}}, @nested_amd_clgi={0x17f, 0x10}], 0x167})
ioctl$KVM_GET_CPUID2(r1, 0xc008ae91, &(0x7f00000001c0)={0x5, 0x0, [{}, {}, {}, {}, {}]})
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r1, 0x4018aee2, &(0x7f0000000300)=@attr_pmu_irq={0x0, 0x1, 0x1, &(0x7f00000002c0)=0x10001})
ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f0000000340)={0xed, "02b7054f3dd76c237cc3f0178377af1d897f15d9ebc9e05ddc0ec501a93363c223788396fb75bba7e07c8af8e31538818199af7d61ae543dcd2b23f5e26632fb7fb1cd1381e989b518fde2045a1d6a9c104244c72328476edf5af4e24da9bb261ed93de5ddbc8f68e98f0c97e3519e1dd2f5b1c6524a99c8b1a2568215fbdf4f329d1dd1d3e8c2c0fabb9a989b03ae58b36e95c98c8f67bdb20a9a358e0c6a41211ebb6adbb616e7c2c7ea13730a605df1291d06d6902830ec9c1a033582364046b807d8767883159f3a4ff51bcb8e193c8223037404719a900afe273660c9a033416c900b85430a05488cddfa"})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x24)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0x4008ae48, &(0x7f0000000440))
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000480)={0xeeef0000, 0x100000})
ioctl$KVM_CAP_HYPERV_VP_INDEX(r0, 0x4068aea3, &(0x7f00000004c0))
ioctl$KVM_CAP_X86_APIC_BUS_CYCLES_NS(r2, 0x4068aea3, &(0x7f0000000540)={0xed, 0x0, 0x80})
ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000600)=@riscv64_timer={0x8030000004000000, &(0x7f00000005c0)=0x5})
r3 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000780)={0x0, &(0x7f0000000640)=[@enable_nested={0x12c, 0x18}, @wrmsr={0x65, 0x20, {0xb22, 0xff}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x2, @control_area=0x3a, 0xffff, 0x5987, 0x680000}}, @in_dx={0x69, 0x20, {0xef80, 0x4}}, @nested_vmresume={0x130, 0x18, 0x1}, @rdmsr={0x66, 0x18, {0x239}}, @nested_amd_invlpga={0x17d, 0x20, {0x80fb000, 0x55c4}}, @nested_amd_vmsave={0x183, 0x18}, @uexit={0x0, 0x18, 0x101}, @nested_amd_vmsave={0x183, 0x18, 0x1}], 0x128})
ioctl$KVM_GET_DEVICE_ATTR_vcpu(r3, 0x4018aee2, &(0x7f0000000800)=@attr_pmu_irq={0x0, 0x1, 0x1, &(0x7f00000007c0)=0x7})
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000840)={0x4, 0x7, 0xf7})
ioctl$KVM_GET_TSC_KHZ_vm(r2, 0xaea3)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_GET_SUPPORTED_HV_CPUID_cpu(0xffffffffffffffff, 0xc008aec1, &(0x7f0000000880)={0xa, 0x0, [{0x80000007, 0x9, 0x1, 0xce, 0x7, 0x1, 0x3}, {0x6cc8eee629cbf66f, 0x7, 0x6, 0x4, 0x80000000, 0xfffffffe, 0x7}, {0x80000001, 0x1000, 0x6, 0x3, 0x9, 0x60000000, 0x80000001}, {0xd, 0x6, 0x1, 0xc99d, 0xfffffffd, 0xfffffffc, 0x9}, {0x80000008, 0x2, 0x3, 0x4, 0x0, 0x9248, 0xb}, {0x6, 0x8, 0x2, 0x4, 0x0, 0x7, 0x3ff}, {0x1, 0x7ff, 0x1, 0x8000, 0x3677, 0x1, 0x2}, {0xd, 0x4, 0x5, 0x34cfde49, 0xa03, 0x100, 0x7}, {0x80000007, 0x4, 0x2, 0x6, 0xffff, 0x8001, 0x7fff}, {0xc0000000, 0x1, 0x2, 0x8, 0x7, 0xd944, 0x449b}]})
ioctl$KVM_CAP_HYPERV_TLBFLUSH(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000a40))
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000ac0)={0x9, 0x0, [{0x331, 0x0, 0xa1e}, {0x95e, 0x0, 0x9}, {0x98c, 0x0, 0x8}, {0x40000093, 0x0, 0x7f}, {0xad8, 0x0, 0x6}, {0xb12, 0x0, 0x3}, {0xbb1, 0x0, 0x6}, {0x2b4, 0x0, 0x1}, {0x850, 0x0, 0x6}]})
ioctl$KVM_SET_NR_MMU_PAGES(r2, 0xae44, 0x9f9)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000b80), 0x129000, 0x0)
r4 = eventfd2(0xfffffff9, 0x1)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000bc0)={0x7, 0xfec00000, 0x0, r4, 0xc})
r5 = eventfd2(0x952, 0x80801)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000c00)={r4, 0x4, 0x3, r5})
ioctl$KVM_XEN_HVM_CONFIG(r0, 0x4038ae7a, &(0x7f0000000d80)={0x5e, 0x9e9, &(0x7f0000000c40)="0d9e57130c9d56dd811983066254574811af6d204704047653b5bf26bc353028bf1e96afcae69d7ea47ece14f8196ea22e779af6b926c830ee5444eea6e4a12a3c65b35aa2c8cd9cadd05ad7ce96069c6ee8d7b83c21db2000b36febf7b42f9d6b40734e796dea8b78072be41dbcf8da3eb59ade5bf5fb491e2b036692a3b8624a13116cbeb3dbfb95f50943bafa9b515c408bd5936809091bde14028a49fc0b4a80656c42fdf46a7178485502d9fe2eaea22a39764c0e251ab06ccd86f0ef466ad1e0c8d49bac7ce21fe347144b12c9286163bcca0b402d8d1e", &(0x7f0000000d40)="661b35d8978d6ce848e351ed172978acc9d39c0069a13c504ae242c98e", 0xda, 0x1d})
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000dc0)={0x5, 0x0, &(0x7f0000fff000/0x1000)=nil})
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000e00)={0x100})

1m32.727588244s ago: executing program 8 (id=964):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000240)={0x3, 0x0, [{0x40000003, 0x0, 0xffffffffffffffff}, {0xc0010140, 0x0, 0x7}, {0x8fb}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0xb000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000080)="6466410f3835446f0948b8f22a0000000000000f23d00f21f835000000000f23f8baf8a2c4b9340b00000f32ef66bafc0ced66baf80cb8c0b90788ef66bafc0cb87ecc0000eff080990010000000b900030000b8a046b5d3ba000000000f30450f208266b818000f00d866b82e010f00d866b88b008ee0", 0x77}], 0x1, 0x46, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1m32.639300971s ago: executing program 7 (id=965):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f00000000c0)={0x4, 0xf000, 0x800, 0x1, 0x4})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000200)="0f06b805000000b90b0000000f01d9b9800000c00f3235000100000f30450f2370c442bdbff00f20d835200000000f22d80f01d10f01c80f01ca262666f3400f01e8", 0x42}], 0x1, 0x10, &(0x7f0000000540)=[@flags={0x3, 0x40}], 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1m32.359697478s ago: executing program 6 (id=966):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000080)="6766c74424005c2bb7866766c7442402966e42c06766c744240600000000670f0114240f1c3bf2268f87b500b8bb008ed00f22dc0f07b8b4000f00d8660f388056d7b8b5008ee0f20f2c8a4caf", 0x4d}], 0x1, 0x51, &(0x7f0000000200)=[@cr0={0x0, 0xa000000c}, @efer={0x2, 0x900}], 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f00000000c0)="b99c0b0000b800c00000ba000000000f30b9150a00000f3266b833018ee0b9800000c00f3235008000000f3042df5a99660fd96a0db9b30b00000f3248b85f01a35f000000000f23c00f21f835010006000f23f866b84b008ed0460f01f8", 0x5e}], 0x1, 0x50, &(0x7f0000000040)=[@cstype3={0x5, 0xe}], 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r1, 0x4020aed2, &(0x7f0000000140)={0x8080000, 0x2000, 0x8})

1m1.655756017s ago: executing program 38 (id=966):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000080)="6766c74424005c2bb7866766c7442402966e42c06766c744240600000000670f0114240f1c3bf2268f87b500b8bb008ed00f22dc0f07b8b4000f00d8660f388056d7b8b5008ee0f20f2c8a4caf", 0x4d}], 0x1, 0x51, &(0x7f0000000200)=[@cr0={0x0, 0xa000000c}, @efer={0x2, 0x900}], 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f00000000c0)="b99c0b0000b800c00000ba000000000f30b9150a00000f3266b833018ee0b9800000c00f3235008000000f3042df5a99660fd96a0db9b30b00000f3248b85f01a35f000000000f23c00f21f835010006000f23f866b84b008ed0460f01f8", 0x5e}], 0x1, 0x50, &(0x7f0000000040)=[@cstype3={0x5, 0xe}], 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r1, 0x4020aed2, &(0x7f0000000140)={0x8080000, 0x2000, 0x8})

1m1.608681693s ago: executing program 39 (id=965):
# Program 39 (id=965): two VMs. The first gets an in-kernel irqchip and an MSI
# injection; the second gets two vCPUs and runs a 64-bit guest blob on vCPU id 0.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# Result discarded; only r0 and r1 are used below.
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# Two KVM_CREATE_VM calls on the same device fd; the first VM fd is never captured.
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
# vCPU id 0x1 is created on r2 but its fd is not kept.
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f00000000c0)={0x4, 0xf000, 0x800, 0x1, 0x4})
# Second VM, created from the first device fd.
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
# Loads the 0x42-byte @text64 blob for r4 with one @flags option, then enters the guest.
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000200)="0f06b805000000b90b0000000f01d9b9800000c00f3235000100000f30450f2370c442bdbff00f20d835200000000f22d80f01d10f01c80f01ca262666f3400f01e8", 0x42}], 0x1, 0x10, &(0x7f0000000540)=[@flags={0x3, 0x40}], 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1m1.562122837s ago: executing program 40 (id=964):
# Program 40 (id=964): writes MSRs on a vCPU of one VM, then registers a memory
# slot on a second VM and runs a 64-bit guest blob there.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
# Count field is 0x3; the three entries name MSR indices 0x40000003, 0xc0010140
# and 0x8fb (the last with no data value given). Layout presumably follows
# struct kvm_msrs / kvm_msr_entry - confirm against the syzkaller description.
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000240)={0x3, 0x0, [{0x40000003, 0x0, 0xffffffffffffffff}, {0xc0010140, 0x0, 0x7}, {0x8fb}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
# Memory slot registered before the vCPU exists; fields presumably are
# {slot=0x1, flags=0x0, guest_phys_addr=0xb000, memory_size=0x2000, userspace_addr}.
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0xb000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
# 0x77-byte @text64 blob, no setup options (nopt is 0x0).
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000080)="6466410f3835446f0948b8f22a0000000000000f23d00f21f835000000000f23f8baf8a2c4b9340b00000f32ef66bafc0ced66baf80cb8c0b90788ef66bafc0cb87ecc0000eff080990010000000b900030000b8a046b5d3ba000000000f30450f208266b818000f00d866b82e010f00d866b88b008ee0", 0x77}], 0x1, 0x46, &(0x7f00000000c0), 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

3.470812415s ago: executing program 9 (id=1236):
# Program 9 (id=1236): four VMs in one process, mixing the classic
# syz_kvm_setup_cpu$x86 helper with the SYZOS helpers (syz_kvm_setup_syzos_vm$x86,
# syz_kvm_add_vcpu$x86) and several calls on invalid descriptors.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# VM type argument is 0x36 here, unlike the 0x1 used by the other VMs in this
# program. If the kernel rejects it, r1 and r2 are invalid for every later use
# (TODO confirm from the executor output).
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x36)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
# Second VM: 0x39-byte @text64 blob, then KVM_RUN twice on the same vCPU.
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000080)="f30f09400f01d103f40666420fe1b10f000000c4e1c65c9b0000000043a5c4e2c5ac59a96667450f208666ba2000b8e30f4a78efc4e2f99721", 0x39}], 0x1, 0x30, &(0x7f00000000c0)=[@cstype3={0x5, 0x7}], 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
# First VM (r1/r2) gets a real-mode blob at the same user memory range
# 0x7f0000000000/0x18000 that the second VM was given above.
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f00000001c0)="3666f2ad670f1f40002e0f3066b80c0000000f23d00f21f866353000000b0f23f866b9800000c00f326635001000000f300f18eb65f20f300fda3df30fc7b50000640f79e0", 0x45}], 0x1, 0x10, &(0x7f0000000180)=[@cstype3={0x5, 0x1}], 0x1)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
# Third VM, again backed by the same user memory range.
syz_kvm_setup_cpu$x86(r7, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000440)="66b9800000c00f326635000100000f30670f322e3e660fd4620d0f603464f3af66b98109000066b80800008066ba000000000f3066b94203000066b8351718db66ba805c0b4c0f3066b9130300000f320f32f30b43cf", 0x56}], 0x1, 0x8, &(0x7f00000004c0)=[@dstype0={0x6, 0x8}], 0x1)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x1)
# SYZOS VM setup is called with the -1 placeholder instead of a VM fd and its
# result is not captured.
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil)
# Unmaps 0x7f0000800000..0x7f0001000000, which overlaps the upper part of the
# 0x400000-byte range passed to the SYZOS setup call on the previous line.
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
ioctl$KVM_CREATE_IRQCHIP(r10, 0xae60)
# The argument uses the @arm64 union variant although every other call here is x86.
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000140)=@arm64={0xd, 0xb5, 0x4, '\x00', 0x7})
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000000100)={0x5, 0x10})
# SYZOS vCPU creation: first argument is 0x0 rather than a handle returned by
# syz_kvm_setup_syzos_vm$x86, so r11 is presumably invalid (TODO confirm). The
# second argument is a list of SYZOS commands (nested_* VMX/SVM operations,
# rdmsr/wrmsr, port I/O, raw @code blobs) with a total size field of 0x459.
r11 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000a00)={0x0, &(0x7f0000000b00)=[@nested_amd_set_intercept={0x181, 0x30, {0x1, 0x4548, 0x29a2, 0x1}}, @nested_create_vm={0x12d, 0x18, 0x1}, @rdmsr={0x66, 0x18, {0x375}}, @nested_amd_clgi={0x17f, 0x10}, @in_dx={0x69, 0x20, {0x5d0c, 0x2}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x2, @control_area=0x93, 0x4, 0x81}}, @nested_amd_inject_event={0x180, 0x38, {0x3, 0x90, 0x1, 0x4}}, @cpuid={0x64, 0x18, {0xa79, 0x8}}, @wrmsr={0x65, 0x20, {0x21d, 0x4}}, @code={0xa, 0x50, {"f3260f35c7442400b9000000c744240201000000ff1c24640fc7592d4c006900000f01d1642e440f060f005e000f01ca8f697c802644ffceb9080900000f32"}}, @in_dx={0x69, 0x20, {0xeb3b, 0x3}}, @nested_amd_invlpga={0x17d, 0x20, {0xeeee0000, 0xcb26}}, @code={0xa, 0x82, {"0f20e035080000000f22e0660f38823c6dd9000000430f001fc744240019010000c744240209300000ff2c2448b800800000000000000f23c80f21f835040020000f23f848b809000000000000000f23d00f21f8352000000e0f23f82e460f01c8440f01d10fe2ba46295269c481f850c4"}}, @nested_intel_vmwrite_mask={0x154, 0x38, {0x2, @ro_nat=0x640a, 0xffffffffffffffca, 0x2}}, @uexit={0x0, 0x18, 0x401}, @nested_amd_vmsave={0x183, 0x18, 0x1}, @wr_crn={0x67, 0x20, {0x4, 0x4}}, @code={0xa, 0x4f, {"660f5a67c5c4621d3c770e48b83b000000000000000f23d00f21f835300000030f23f80f011f46ca004066b8a2008ed8d9f564400f01c3430f23eb0f01c5"}}, @nested_amd_clgi={0x17f, 0x10}, @nested_create_vm={0x12d, 0x18, 0x2}, @wrmsr={0x65, 0x20, {0x0, 0x7ff}}, @nested_create_vm={0x12d, 0x18, 0x2}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x1, @control_area=0x73, 0x4, 0x9, 0xf}}, @rdmsr={0x66, 0x18, {0xb93}}, @set_irq_handler={0xc8, 0x20, {0xb9, 0x1}}, @nested_vmlaunch={0x12f, 0x18, 0x3}, @nested_amd_vmsave={0x183, 0x18, 0x1}, @set_irq_handler={0xc8, 0x20, {0x4a}}, @nested_vmlaunch={0x12f, 0x18, 0x1}], 0x459})
# Classic setup helper applied to the SYZOS vCPU handle r11 on VM r10.
syz_kvm_setup_cpu$x86(r10, r11, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000ac0)=[@textreal={0x8, &(0x7f0000000a40)="baf80c66b8c4a0bd8566efbafc0cb8b900efe5066565d9ee660fe93e0000ceba4000ec0f3066b80e0000000f23d00f21f866350000000f0f23f8363e0f01b10078f36d", 0x43}], 0x1, 0x9, &(0x7f0000000b00), 0x0)
# vCPU fd is the -1 placeholder: expected to fail without touching any vCPU.
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@x86={0x0, 0x2, 0xd, 0x0, 0xe81, 0x7f, 0xfe, 0x2, 0x6, 0x11, 0x0, 0x4, 0x0, 0x3f7, 0xd, 0x20, 0xb, 0x3, 0x6, '\x00', 0x4, 0x7ff})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xa2080, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.470248424s ago: executing program 0 (id=1237):
# Program 0 (id=1237): three VMs. Guest blobs are run on each, interleaved with
# two SYZOS vCPU requests, an irqfd registration and a pre-fault request.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
# One @text64 entry is supplied but the ntext argument that follows it is 0x0.
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000006000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000240)="c744240038000000c74424027e12568cc7442406000000000f011424490fc728c461f1d3edb805000000b960fb00000f01d926f3460f0966ba6100edc4c281b6bc5200000080c4010d610d31000000f2f2660f0d6966b9ea0200000f32", 0x5d}], 0x0, 0x58, &(0x7f0000000540), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
# SYZOS vCPU request with 0x0 in place of a SYZOS VM handle; r7 is presumably
# invalid (TODO confirm). The command list mixes nested AMD (vmcb/vmsave/stgi/clgi)
# and nested Intel (vmwrite/vmlaunch/vmresume) operations; size field is 0x416.
r7 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000ec0)={0x0, &(0x7f0000000a80)=[@out_dx={0x6a, 0x28, {0x692a, 0x0, 0x6}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x2, @control_area=0x53, 0x9, 0x4, 0xb}}, @cpuid={0x64, 0x18, {0x1, 0x4}}, @nested_create_vm={0x12d, 0x18, 0x3}, @nested_amd_vmsave={0x183, 0x18, 0x3}, @nested_amd_stgi={0x17e, 0x10}, @wrmsr={0x65, 0x20, {0x938, 0x1}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x3, @save_area=0x425, 0xffff, 0x3, 0x100000001}}, @nested_amd_vmsave={0x183, 0x18, 0x1}, @nested_amd_invlpga={0x17d, 0x20, {0xa000, 0x411b}}, @code={0xa, 0x4e, {"3e440f1c7500650f01cb660f380975f3440f20c03506000000440f22c065f36f66ba4300ec2e65f30f16462b660f6559b066b897008ed0f22e0f0fcb9e"}}, @nested_vmresume={0x130, 0x18, 0x3}, @nested_amd_set_intercept={0x181, 0x30, {0x1, 0x5, 0xc}}, @nested_amd_inject_event={0x180, 0x38, {0x2, 0x59, 0x1, 0x80, 0x3}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x1, @control_area=0x38, 0xffffffffffff33fe, 0xfe, 0x4}}, @nested_vmresume={0x130, 0x18, 0x5}, @nested_vmresume={0x130, 0x18, 0x1}, @rdmsr={0x66, 0x18, {0x9cf}}, @nested_intel_vmwrite_mask={0x154, 0x38, {0x3, @control16=0x2, 0x7f, 0x1ff, 0xd7a}}, @nested_vmlaunch={0x12f, 0x18, 0x3}, @nested_amd_invlpga={0x17d, 0x20, {0xdddd1000, 0x4726}}, @nested_amd_clgi={0x17f, 0x10}, @nested_amd_inject_event={0x180, 0x38, {0x0, 0xfe, 0x1, 0xac6, 0x1}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x2, @control_area=0x4e, 0x401, 0x9, 0x7fffffff}}, @wrmsr={0x65, 0x20, {0xc0000104, 0x3}}, @out_dx={0x6a, 0x28, {0x5b1e, 0x3, 0x3}}, @nested_amd_set_intercept={0x181, 0x30, {0x0, 0x4, 0x5, 0x1}}, @uexit={0x0, 0x18, 0x1}], 0x416})
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r7, 0x4018aee3, &(0x7f0000000f40)=@attr_other={0x0, 0xffff, 0x3, &(0x7f0000000f00)=0x7})
# Second VM: 0x62-byte @text64 blob on vCPU id 1, then run.
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f00007cf000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000100)="66baf80cb8febe1287ef66bafc0c66b8247b66ef66b8f5000f00d866baf80cb85385ca8def66bafc0cb008eef20f5f690f0fc7ab647d00000f01cab90f0300000f32b9ae0b00000f32c74424008e000000c744240200000000ff1c246526410f00dc", 0x62}], 0x1, 0xa, &(0x7f00000000c0)=[@flags={0x3, 0x610}], 0x1)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r9 = eventfd2(0xc, 0x80801)
r10 = eventfd2(0x7, 0x80000)
# irqfd on the first VM (r1) using both eventfds; the struct presumably is
# {fd, gsi, flags, resamplefd} - verify against struct kvm_irqfd. No
# KVM_CREATE_IRQCHIP was issued on r1 in this program.
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000180)={r9, 0x7, 0x3, r10})
r11 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
# Pre-fault request on vCPU r2, which has already been run above.
ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f00000001c0)={0x41000, 0x11000})
# Third VM: 0x2b-byte @text32 blob, then run.
syz_kvm_setup_cpu$x86(r8, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000040)="2e0f01c8660f38811e0fc72b0f00919b331a82f30fc7b575880000ff290f01df0f20da0f01cb66660f6a3e", 0x2b}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
# Second SYZOS vCPU request, again with 0x0 as the VM handle. This list embeds
# @nested_load_code and two @nested_load_syzos entries that carry their own
# nested command lists; size field is 0x447.
r12 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000a00)={0x0, &(0x7f0000000580)=[@nested_load_code={0x12e, 0x5d, {0x1, "c44105f2d10f20d835080000000f22d866baf80cb8355c3484ef66bafc0cec0f01c2b9670800000f322e6547e688c4a27d13093e410f01cf0f96b67eae000066b83f008ed8"}}, @nested_load_syzos={0x136, 0x148, {0x0, 0xba0, [@nested_vmresume={0x130, 0x18, 0x3}, @nested_amd_clgi={0x17f, 0x10}, @set_irq_handler={0xc8, 0x20, {0x89}}, @uexit={0x0, 0x18, 0x3}, @set_irq_handler={0xc8, 0x20, {0xa0, 0x2}}, @nested_amd_stgi={0x17e, 0x10}, @code={0xa, 0x68, {"3664650f01b95964d020670fc7790066660fe65d02470f09652e450fc7584166baf80cb8f4644d84ef66bafc0cec26410f0f1d0600000094b94b090000b8873b0000ba000000000f30c40185e9b8000000003e440f79f3"}}, @nested_amd_set_intercept={0x181, 0x30, {0x3, 0x1, 0x7, 0x1}}]}}, @nested_intel_vmwrite_mask={0x154, 0x38, {0x3, @control16, 0x5868, 0x65, 0xffffffff}}, @nested_amd_vmload={0x182, 0x18}, @set_irq_handler={0xc8, 0x20, {0xec, 0x2}}, @nested_amd_clgi={0x17f, 0x10}, @nested_amd_stgi={0x17e, 0x10}, @nested_amd_vmload={0x182, 0x18, 0x1}, @set_irq_handler={0xc8, 0x20, {0x23, 0x2}}, @set_irq_handler={0xc8, 0x20, {0xf5, 0x2}}, @nested_vmlaunch={0x12f, 0x18, 0x3}, @nested_amd_vmload={0x182, 0x18}, @nested_load_syzos={0x136, 0x40, {0x1, 0xe7, [@wr_drn={0x68, 0x20, {0x0, 0x5}}]}}, @nested_amd_vmsave={0x183, 0x18, 0x2}, @nested_amd_inject_event={0x180, 0x38, {0x0, 0x4b, 0x3, 0x7}}, @out_dx={0x6a, 0x28, {0xa64e, 0x4, 0x14e}}, @nested_vmresume={0x130, 0x18}, @out_dx={0x6a, 0x28, {0xcc97, 0x2, 0x2}}, @out_dx={0x6a, 0x28, {0x3692, 0x6, 0x2}}, @cpuid={0x64, 0x18, {0x2, 0x8}}, @code={0xa, 0x52, {"66baf80cb80802b58def66bafc0c66b86d6766ef26430f0b360fc4ec092e66400f38802f66b838008ed82e0f07640f747ce6f3c4815f7c2b66b814008ec8400f08"}}], 0x447})
ioctl$KVM_DIRTY_TLB(r12, 0x4010aeaa, &(0x7f0000000a40)={0x2000000000000000, 0x453b})
# -1 placeholder fd: expected to fail without reaching a vCPU.
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000200)={0x8, 0x0, 0x5})
munmap(&(0x7f0000001000/0x2000)=nil, 0x2000)

2.880241306s ago: executing program 0 (id=1240):
# Program 0 (id=1240): five VM/vCPU pairs are created; four receive guest code
# and two are actually run. Two munmap calls remove pages from the fuzzer's
# data area between setups.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
# Same 0x4d-byte @text16 blob that program 38 uses, here with @flags/@efer options.
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000080)="6766c74424005c2bb7866766c7442402966e42c06766c744240600000000670f0114240f1c3bf2268f87b500b8bb008ed00f22dc0f07b8b4000f00d8660f388056d7b8b5008ee0f20f2c8a4caf", 0x4d}], 0x1, 0x20, &(0x7f0000000200)=[@flags={0x3, 0x112401}, @efer={0x2, 0x900}], 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x1)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
# r11 is set up but never passed to KVM_RUN in this program. nopt is 0x1 while
# the options pointer carries no explicit contents.
syz_kvm_setup_cpu$x86(r10, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000100)="2e360fc7b63300000066baf80cb87800088bef66bafc0ced0f00d80f08f30f090fc7996a000000470f626c51a6f3460f1ec667640fc77ce0bd266644e900000000673ef242d9f2", 0x61}], 0x1, 0x6, &(0x7f0000000540), 0x1)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x1)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
# -1 placeholder: no eventfd was created in this program.
write$eventfd(0xffffffffffffffff, &(0x7f0000000000)=0x2, 0x8)
munmap(&(0x7f0000c04000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000433000/0x2000)=nil, 0x2000)
# VM fd is the -1 placeholder while the vCPU fd r14 is valid, so the helper is
# given a vCPU without its owning VM.
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r14, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000001c0)="0f20d86635200000000f22d8f30fc77006f3d3d366b800a000000f23d80f21f86635c00000500f23f8640f01c5360f00dbbaf80c66b8e704838b66efbafc0cec260f209dbaf80c66b84627838e66efbafc0ced0f01c4", 0x56}], 0x1, 0xa, &(0x7f0000000540)=[@cstype3={0x5, 0x41}], 0x1)
syz_kvm_setup_cpu$x86(r7, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000440)="66b9800000c00f326635000100000f30670f322e3e660fd4620d0f603464f3af66b98109000066b80800008066ba000000000f3066b94203000066b8351718db66ba805c0b4c0f3066b9130300000f320f32f30b43cf", 0x56}], 0x1, 0x8, &(0x7f00000004c0)=[@dstype0={0x6, 0x8}], 0x1)
# -1 placeholder fd: expected to fail.
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@x86={0x0, 0x2, 0x8d, 0x0, 0xe81, 0x5, 0xfe, 0x2, 0x6, 0x11, 0x0, 0x4, 0x0, 0x3ff, 0xd, 0x20, 0xb, 0x3, 0x6, '\x00', 0x4, 0x7ff})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
# r4/r5 receive guest code last and are not run before the program ends.
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f00000000c0)="b99c0b0000b800c00000ba000000000f30b9150a00000f3266b833018ee0b9800000c00f3235008000000f3042df5a99660fd96a0db9b30b00000f3248b85f01a35f000000000f23c00f21f835010006000f23f866b84b008ed0460f01f8", 0x5e}], 0x1, 0x50, &(0x7f0000000040)=[@cstype3={0x5, 0xe}], 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)

1.713682654s ago: executing program 9 (id=1242):
# Program 9 (id=1242): three VMs. One runs a 32-bit blob, one only has MSRs
# read, and the first VM gets its vCPU and guest code at the very end.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000040)="2e0f01c8660f38811e0fc72b0f00919b331a82f30fc7b575880000ff290f01df0f20da0f01cb66660f6a3e", 0x2b}], 0x1, 0x10, &(0x7f00000000c0)=[@dstype0={0x6, 0x4}], 0x1)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
# Capability query on the device fd for extension number 0x99.
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x99)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r1, 0x4010ae74, &(0x7f0000000080)={0x0, 0x2, 0x4})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
# Reads four MSRs (count field 0x4) from a vCPU that has never been set up or run.
ioctl$KVM_GET_MSRS_cpu(r9, 0xc008ae88, &(0x7f0000000000)={0x4, 0x0, [{0x17b, 0x0, 0xfffffffffffff58e}, {0x0, 0x0, 0x4}, {0xb19, 0x0, 0x64}, {0x97c, 0x0, 0x1}]})
# Last call of the program: guest code is installed for r6 but no KVM_RUN follows.
syz_kvm_setup_cpu$x86(r1, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000480)="66b9800000c00f326635002000000f303e660fc7730c66b9800000c00f326635010000000f30f3af0fc7af0f0036660f38036a7466b9800000c00f326635001000000f30640f09ba4200ed260f1dbeb500", 0x51}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)

1.470750782s ago: executing program 1 (id=1243):
# Program 1 (id=1243): minimal case - one VM, one vCPU, a real-mode blob, one run.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x381801, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
# The same 0x56-byte @textreal blob appears in programs 1236, 1240 and 1248 of this log.
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000440)="66b9800000c00f326635000100000f30670f322e3e660fd4620d0f603464f3af66b98109000066b80800008066ba000000000f3066b94203000066b8351718db66ba805c0b4c0f3066b9130300000f320f32f30b43cf", 0x56}], 0x1, 0x8, &(0x7f00000004c0)=[@dstype0={0x6, 0x8}], 0x1)
# -1 placeholder fd combined with the @arm64 argument variant: expected to fail
# before the argument is interpreted.
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x2, 0x3e, '\x00', 0x4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.41079518s ago: executing program 1 (id=1244):
# Program 1 (id=1244): calls marked (async) are issued without waiting for
# completion, so vCPU creation, irqchip state loading, guest setup and KVM_RUN
# on the first VM may overlap in time.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
# Loads @ioapic state with 24 redirection entries into r1. No
# KVM_CREATE_IRQCHIP was issued on r1 in this program.
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000002c0)={0x1, 0x0, @ioapic={0xa000, 0x9, 0x2, 0x8, 0x0, [{0x7, 0x5, 0x2, '\x00', 0x80}, {0x3, 0xa, 0xff, '\x00', 0x27}, {0x69, 0x3, 0x8d, '\x00', 0x5}, {0x7, 0x7, 0x3}, {0x81, 0x6, 0x8, '\x00', 0xd8}, {0x1, 0x6, 0x1, '\x00', 0x6}, {0x80, 0xc8, 0x6, '\x00', 0x4}, {0xe1, 0x0, 0x4, '\x00', 0x5}, {0x0, 0x9, 0x9, '\x00', 0x40}, {0xe1, 0x7, 0xe, '\x00', 0x7}, {0x4, 0x66, 0x2, '\x00', 0xe3}, {0x3, 0x6, 0x1, '\x00', 0x5}, {0x4, 0x7, 0x15, '\x00', 0x80}, {0xe, 0xec, 0x92, '\x00', 0x6}, {0xf, 0x10, 0xa, '\x00', 0x30}, {0xfc, 0x4, 0x0, '\x00', 0x9}, {0x1, 0xf1, 0x6, '\x00', 0x4}, {0xf7, 0x56, 0x3, '\x00', 0x1}, {0x9, 0x7f, 0x1, '\x00', 0x4}, {0x3, 0x9, 0x80, '\x00', 0xe}, {0x8, 0x3, 0xb, '\x00', 0x9}, {0x6, 0xb, 0xc, '\x00', 0x8}, {0x0, 0x8, 0x5, '\x00', 0xd}, {0x8, 0x6, 0x0, '\x00', 0xf}]}})
# Setup and run are both async, so KVM_RUN is not ordered after the setup helper.
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000080)="6766c74424005c2bb7866766c7442402966e42c06766c744240600000000670f0114240f1c3bf2268f87b500b8bb008ed00f22dc0f07b8b4000f00d8660f388056d7b8b5008ee0f20f2c8a4caf", 0x4d}], 0x1, 0x51, &(0x7f0000000200)=[@cr0={0x0, 0xa000000c}, @efer={0x2, 0x900}], 0x2) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
# Second VM reuses the user memory range 0x7f0000007000/0x18000 given to the first.
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000240)="66b98602000066b80600000066ba000000000f30f30fc73600500f810600660f3881807f000f17681366b8c40000000f23c00f21f86635010000000f23f86664660f388093e98b67660f383ed90f20e06635800000000f22e067670f01ca", 0x5e}], 0x1, 0x4, &(0x7f0000000040)=[@cstype3={0x5, 0xe}], 0x1) (async)
# -1 placeholder VM fd: expected to fail, so the close() below presumably
# operates on an invalid descriptor as well.
r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
close(r6)

1.27090188s ago: executing program 9 (id=1245):
# Program 9 (id=1245): two VMs. The second vCPU is run once before any guest
# code is installed and once after.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
# 0x50-byte @textreal blob with two segment-type options (@dstype0, @cstype0).
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000080)="6eb8b96c03220000b85a00000066ba000000000f300f204c6635000000800f2283c0c00f10f60f95cb660f29760066b9a70300000f32660f3882970006ba43003e660f3828940068ef0fc7373e0f7828", 0x50}], 0x1, 0x5e, &(0x7f0000000040)=[@dstype0={0x6, 0xc}, @cstype0={0x4, 0xd}], 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
# -1 placeholder fd: expected to fail.
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000080)=@x86={0x5, 0x8b, 0x1, 0x0, 0x0, 0x6, 0x5, 0x1, 0x29, 0x1, 0x9, 0x8, 0x0, 0xfffffff8, 0x3, 0xf2, 0x88, 0xe0, 0x5, '\x00', 0x12})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
# KVM_RUN on a freshly created vCPU: no memory or register setup has been done
# for this VM yet.
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f0000000100)="2e360fc7b63300000066b846000f00d80f08f30f090fc7996a000000b9b10900000f32f3460f1ec6f20f704f0ee2266644e900000000673ef242d9f2", 0x3c}], 0x1, 0x46, &(0x7f00000000c0)=[@cr0={0x0, 0x2a}], 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1.269741975s ago: executing program 1 (id=1246):
# Program 1 (id=1246): most calls in the first half target the -1 placeholder
# and are expected to fail; the live path is VM r4 / vCPU r5, plus a VM of type
# 0x7 (r7) that receives two memory-attribute requests.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# VM type argument 0x0 here; the other VMs in this program use 0x1, 0x3 and 0x7.
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
# Valid VM fd paired with the -1 placeholder as vCPU fd.
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000100)="0f7950950f2014f0fe87580000000fc7ad0b0000000f01cb66b8d5008ee0ff0bededd70f00d2b9800000c00f3235001000000f30", 0x34}], 0x1, 0x18, &(0x7f00000004c0)=[@cr4={0x1, 0x2000}], 0x1)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@arm64={0x1, 0x62, 0x1, '\x00', 0x7})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# No VM fd supplied, so r2 is presumably invalid; it is used again by the
# KVM_SET_VCPU_EVENTS call further down.
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# -1 placeholder fd; the header's second field is 0x199 and 16 entries follow
# (layout presumably struct kvm_xcrs - TODO confirm).
ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4188aea7, &(0x7f0000000040)={0x0, 0x199, [{0x6, 0x0, 0xffffffffffffffff}, {0x8, 0x0, 0x7f}, {0x3, 0x0, 0x19}, {0x436d, 0x0, 0x2ef}, {0x8002}, {0x0, 0x0, 0x4f}, {0x9, 0x0, 0xbcc0}, {0x9, 0x0, 0x4}, {0x80006f87, 0x0, 0xfffffffffffffffc}, {0x401, 0x0, 0x7}, {0x1, 0x0, 0x2}, {0x5, 0x0, 0x995}, {0x8, 0x0, 0x8}, {0x4, 0x0, 0x6145}, {0xffffffff, 0x0, 0x76}, {0xdc0, 0x0, 0x80}]})
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
# Second VM on the same device fd with type 0x3; its fd is not kept.
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x3)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(0xffffffffffffffff, 0x4068aea3, &(0x7f00000001c0)={0xa8, 0x0, 0x2})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000100)=@x86={0x0, 0x1, 0x6, 0x0, 0xfffffffe, 0x9, 0x2, 0x4, 0xdc, 0xe0, 0x3, 0x8, 0x0, 0x5201, 0x2, 0x5, 0x74, 0x7, 0x3, '\x00', 0x0, 0x9})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xa0000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x7)
# Two attribute requests on r7: the first passes a third value 0x8, the second
# leaves it unset. Fields presumably are {address, size, attributes}.
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r7, 0x4020aed2, &(0x7f0000000080)={0x25000, 0xe000, 0x8})
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r7, 0x4020aed2, &(0x7f0000000000)={0x2000, 0x2000})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
# Valid vCPU r5 but -1 placeholder as VM fd.
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f00000000c0)="66b8010000000f01d9640f799e040066b9800000c00f326635002000000f3066b8000001000f23c00f21f86635010002000f23f8f366d8ea65646666643e66660f65cd3e0f01fabaf80c66b8b07f6a8766efbafc0c66b82f00000066ef66b9800000c00f326635002000000f3066b9d508000066b80048000066ba000000000f30", 0x81}], 0x1, 0x10, &(0x7f00000002c0)=[@dstype0={0x6, 0x5}, @dstype3={0x7, 0xe4}], 0x2)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
# First setup call with both fds valid: r4/r5 get a 0x38-byte @text16 blob, then run.
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f00007bf000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000340)="0f0fbd0a009eb8e1000f00d8baf80c66b8d6b6c78666efbafc0ced660f3880990f000f063e0f07f566b8010000000f01d90f00d2660f751d", 0x38}], 0x1, 0x0, &(0x7f00000000c0)=[@flags={0x3, 0x2e92}], 0x1)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
# PIT state (three channel records plus a trailing 0x40) written to r4 after
# the run. No KVM_CREATE_PIT/PIT2 call is visible for r4 in this program.
ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000240)={[{0x10000, 0xe, 0x5, 0x7, 0xb, 0x4, 0x6, 0x9, 0x52, 0x4, 0x1, 0x3, 0x3}, {0x1, 0x4, 0x7, 0x4, 0x1, 0xfa, 0x2, 0xff, 0x7, 0x0, 0x2, 0x7, 0xfffffffffffffff7}, {0x7fff, 0x5cc, 0x48, 0x80, 0xe6, 0xc, 0x8, 0x5c, 0x1, 0x5, 0x6, 0x90, 0x2}], 0x40})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x1)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)

1.200836593s ago: executing program 0 (id=1247):
# Program 0 (id=1247): heavily asynchronous. "(async)" calls are issued without
# waiting for completion; "rerun: 64" asks the executor to repeat that call 64
# times. Only the first VM's vCPU (r2) receives guest code from a fully valid
# setup call, and no KVM_RUN appears in this program.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
# r2 comes from an async call, so this read may be issued before the vCPU exists.
ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000140)) (async)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000100)="440f01dfb9d10800000f32c4c31d5db65fcf0000650f23b9f30f0f01b066baf80cef66bafc0ced43e3842e0f015f00440f0138660f3a631835", 0x39}], 0x1, 0x51, &(0x7f0000000200)=[@cr0={0x0, 0xa000000c}, @efer={0x2, 0x900}], 0x2) (async)
# Repeated 64 times and async, i.e. potentially concurrent with the setup above.
munmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000) (async, rerun: 64)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) (rerun: 64)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) (async)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r5, 0xae04) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) (async)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x1)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x1)
# mmap of the vCPU run area with length 0x0 and the -1 placeholder fd: expected to fail.
mmap$KVM_VCPU(&(0x7f0000db4000/0x1000)=nil, 0x0, 0x200000c, 0x40010, 0xffffffffffffffff, 0x0) (async)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x1)
# Guest-debug request with control value 0xd0001 and eight debug-register values.
ioctl$KVM_SET_GUEST_DEBUG_x86(r11, 0x4048ae9b, &(0x7f0000000100)={0xd0001, 0x0, {[0xd7b7, 0x400, 0x101, 0x2, 0x754, 0x33, 0x6, 0x200000033ba7db64]}}) (async)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x1)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x2)
# Six MSR writes (count field 0x6); the first index is 0x4b564d01.
ioctl$KVM_SET_MSRS(r14, 0x4008ae89, &(0x7f0000000040)={0x6, 0x0, [{0x4b564d01, 0x0, 0x9}, {0x2e8, 0x0, 0x8}, {0x8a7, 0x0, 0x7f}, {0x250, 0x0, 0x40}, {0x99f, 0x0, 0xffffffff}, {0xb68, 0x0, 0x401}]}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
# VM fd is the -1 placeholder; the vCPU fd r7 comes from an async create.
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000040)="2e0f01c8660f38811e0fc72b0f00919b331a82f30fc7b575880000ff290f01df0f20da0f01cb66660f6a3e", 0x2b}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$KVM_CREATE_VM(r15, 0xae01, 0x1)

1.030448402s ago: executing program 0 (id=1248):
# Program 0 (id=1248): one VM/vCPU pair receives a real-mode blob; an in-kernel
# irqchip is created on the VM only afterwards, immediately before KVM_RUN.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# The next two calls target the -1 placeholder fd and are expected to fail
# before the register contents are looked at.
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000240)={{0xfec00000, 0x120000, 0xd, 0x5, 0x4, 0x81, 0xfd, 0x8, 0x4, 0x5, 0x7, 0x8}, {0xe000, 0x7000, 0xe, 0xd2, 0x9, 0x2, 0xe, 0xd, 0xa, 0x1, 0x84}, {0xc000, 0x70000, 0xd, 0x4, 0x8, 0xb, 0xa, 0x0, 0x3, 0x3, 0x4, 0x9}, {0xdddd1000, 0x3000, 0x10, 0x6, 0x10, 0x8, 0x1, 0x3, 0x6, 0x5, 0x80, 0xc}, {0x4, 0xb000, 0xe, 0x4, 0x6, 0x2, 0xb7, 0x9c, 0x5, 0x5, 0x1b, 0xfe}, {0x4000, 0xdddd0000, 0x0, 0x7, 0x7, 0xa, 0x0, 0x81, 0xb7, 0x2, 0x6, 0x5}, {0x9000, 0x54000, 0xe, 0x10, 0x7, 0x7, 0xfa, 0x10, 0x8, 0x4, 0x16, 0xb}, {0x4000, 0x74ef45b8107f0fc7, 0x10, 0x0, 0x5, 0x7, 0x9, 0x8, 0x9, 0x6, 0x8, 0x8}, {0x41000, 0x1}, {0x30000, 0xba}, 0x80000010, 0x0, 0x10000, 0x8, 0x7, 0x0, 0x7000, [0x7f7fffffffffffff, 0x800, 0x1, 0xf1]})
ioctl$KVM_SET_DEBUGREGS(0xffffffffffffffff, 0x4080aea2, &(0x7f0000000200)={[0x80f8000, 0x8000000, 0x41000, 0x1000], 0x9})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000440)="66b9800000c00f326635000100000f30670f322e3e660fd4620d0f603464f3af66b98109000066b80800008066ba000000000f3066b94203000066b8351718db66ba805c0b4c0f3066b9130300000f320f32f30b43cf", 0x56}], 0x1, 0x8, &(0x7f00000004c0)=[@dstype0={0x6, 0x8}], 0x1)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@arm64={0x0, 0x2, 0x3e, '\x00', 0x4})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a80), 0x1, 0x0)
# NOTE(review): the request number here is 0x5452, unlike the 0xaeXX values
# every other KVM ioctl in this log carries, and a third argument is supplied.
# Despite the $KVM_GET_API_VERSION label this presumably reaches a different
# ioctl command - confirm before reading it as an API-version query.
ioctl$KVM_GET_API_VERSION(r3, 0x5452, 0x110c230020)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r3, 0x8008ae9d, &(0x7f0000000080))
ioctl$KVM_X86_SET_MCE(0xffffffffffffffff, 0x4040ae9e, &(0x7f0000000040)={0x4500000000000000, 0xb000, 0x6, 0x1, 0x15})
# Irqchip is created after the vCPU already exists and has been set up.
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

940.990989ms ago: executing program 9 (id=1249):
# Program 9 (id=1249): r0 is requested from the -1 placeholder fd, so r0 and
# everything derived from it (r4, r10) are presumably invalid. The live paths
# are VM r2 / vCPU r3, VM r6 / vCPU r7 and VM r11 / vCPU r12.
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
# Memory slot registered before the vCPU is created and before the setup
# helper is given its own user memory range.
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0xb000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000080)="b8c2000f00d8646765660f73d99af0fe4167652e0f060f01c2ea00085700ff5a6464f30fe620262e2667363e0fc75c800067f20f38f1e6", 0x37}], 0x1, 0x46, &(0x7f00000000c0)=[@dstype0={0x6, 0xd}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0x1)
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000040)="2e0f01c8660f38811e0fc72b0f00919b331a82f30fc7b575880000ff290f01df0f20da0f01cb66660f6a3e", 0x2b}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
# The same vCPU r7 is set up twice more after it has run: first with a new
# user memory range and a real-mode blob, then with r0 (presumably invalid)
# as the VM fd.
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000012000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000001c0)="660f3880160000650f78590cb842038ec064f20f3566b9020a00000f320f221c26a7baf80c66b8077b668e66efbafc0cec3e660fc7b4f9ff", 0x38}], 0x1, 0x8, &(0x7f0000000180), 0x0)
syz_kvm_setup_cpu$x86(r0, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="6766c7442400000000006766c7442402000000006766c744240600000000670f011424baf80c66b86f90738166efbafc0cec0f080f20d86635200000000f22d89a0d0002010f30b85c000f00d8cef08293a700000f01be0400", 0x59}], 0x1, 0x6, &(0x7f00000004c0)=[@flags], 0x1)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@arm64={0x3, 0x4, 0x10, '\x00', 0x3})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
# Both fds are the -1 placeholder.
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000040)="f8eab5f75b00baf80c66b8ecd4218766efbafc0c66edbaf80c66b820c2488466efbafc0c66b8aa00000066efb8b2000f00d0363ef3a7f00fab0e00806766c7442400050000006766c7442402590000006766c744240600000000670f011424f2640f015b100f01d1", 0x68}], 0x1, 0x0, &(0x7f0000000140)=[@dstype3={0x7, 0x6}], 0x1)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x339900, 0x0)
r10 = ioctl$KVM_GET_STATS_FD_cpu(r4, 0xaece)
# The capability request is sent to r10, the result of the stats-fd call, not
# to a VM or vCPU fd.
ioctl$KVM_CAP_X2APIC_API(r10, 0x4068aea3, &(0x7f0000000180)={0x81, 0x0, 0x1})
r11 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r11, 0xae60)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
# @pic state loaded into the in-kernel irqchip created two calls earlier, then
# the vCPU is run without any guest code having been installed for it.
ioctl$KVM_SET_IRQCHIP(r11, 0x8208ae63, &(0x7f0000000440)={0x2, 0x0, @pic={0x0, 0x7, 0x9a, 0xa2, 0x0, 0xea, 0x9, 0xd, 0x6, 0x0, 0x2, 0x1, 0x8, 0x8, 0x3, 0x3}})
ioctl$KVM_RUN(r12, 0xae80, 0x0)

940.636108ms ago: executing program 1 (id=1250):
# Program 1 (id=1250): one VM, one vCPU, a 0x5b-byte 32-bit blob, one run.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# -1 placeholder fd: expected to fail before any MSR is read.
ioctl$KVM_GET_MSRS_cpu(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0xae5, 0x0, 0xe3}, {0x0, 0x0, 0x7}]})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000080)="2ef30f1ef6b8010000000f01d9f30faef7440f20c0350a000000440f22c066b81f010f00d8f0825b8add66baf80cb85c5c5f8fef66bafc0cb827000000ef66e9d504ed66baf80cb898f2eb89eff30fa7c8b80000c0feef0fc75b00", 0x5b}], 0x1, 0x8, &(0x7f00000004c0)=[@dstype0={0x6, 0x8}], 0x1)
# -1 placeholder fd: expected to fail, so the event state is not applied to r2.
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)=@x86={0x0, 0x2, 0xd, 0x0, 0xe81, 0x5, 0xfe, 0x2, 0x6, 0xc, 0x0, 0x4, 0x0, 0x3f7, 0xd, 0x20, 0xb, 0x3, 0x6, '\x00', 0x4, 0x7})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

940.025089ms ago: executing program 0 (id=1251):
# Program id=1251: creates five VMs and mixes synchronous calls with "(async)" calls.
# Triage note: an "(async)" call is issued without waiting for it to finish, so the call
# that follows it may overlap with it; the ordering seen in this log is not guaranteed
# at run time. Calls on fd 0xffffffffffffffff (-1) are expected to fail early.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
# vCPU id 0x1 on the first VM; this vCPU is only used for the MSR read below.
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f00000000c0)={0x7, 0x0, [{0x400000f1, 0x0, 0x3}, {0x29d, 0x0, 0x6fb8c17e}, {0xace}, {0x8e5, 0x0, 0x31}, {0x9f6, 0x0, 0xe}, {0x95e, 0x0, 0xe}, {0x630, 0x0, 0x5}]})
# Second VM (r4) with vCPU r5.
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
# @text16 (type 0x10), 0x4d bytes of guest code, no options (count 0x0). Issued async,
# so the MSR read and KVM_RUN on r5 below may start before setup has completed.
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000080)="6766c74424005c2bb7866766c7442402966e42c06766c744240600000000670f0114240f1c3bf2268f87b500b8bb008ed00f22dc0f07b8b4000f00d8660f388056d7b8b5008ee0f20f2c8a4caf", 0x4d}], 0x1, 0x51, &(0x7f0000000200), 0x0) (async)
ioctl$KVM_GET_MSRS_cpu(r5, 0xc008ae88, &(0x7f0000000100))
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
# Third VM (r7) with vCPU r8.
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
# Flags value 0xd807f916f4a3e29d is a fuzzer-chosen bit pattern; one @vmwrite option is passed.
syz_kvm_setup_cpu$x86(r7, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000200)="66b80500000066b9bc8000000f01d90fc7acc661baa10066b80000000066ef0f01d13cae64640f01c50f0f0790e058ed0f215bbaf80c66b811dff08eb87d008ed8bafc0cec", 0x45}], 0x1, 0xd807f916f4a3e29d, &(0x7f0000000140)=[@vmwrite={0x8, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3}], 0x1) (async)
# r9 is a KVM system fd (result of openat$kvm), not a vCPU fd; see its use further down.
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) (async)
ioctl$KVM_RUN(r8, 0xae80, 0x0) (async)
# Fourth VM (r11): coalesced-MMIO registration is issued async and the VM fd is closed
# right after, so the registration may overlap with the close.
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x1)
ioctl$KVM_REGISTER_COALESCED_MMIO(r11, 0x4010ae67, &(0x7f00000001c0)={0x10000, 0x12000}) (async)
close(r11)
# Memory-slot update on VM r7 while the async KVM_RUN on its vCPU r8 may still be in flight.
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x1, 0x1, 0x1000, 0x1000, &(0x7f0000001000/0x1000)=nil}) (async)
# The vCPU argument here is r9, a system fd rather than a vCPU of r1.
# NOTE(review): vCPU-level setup steps presumably fail on this fd; confirm in the executor.
syz_kvm_setup_cpu$x86(r1, r9, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000340)=[@textreal={0x8, &(0x7f0000000180)="0f20d86635200000000f22d80fc774c3f30f2cd2baf80c66b883eee38b66efbafc0cb000eec609dfcb0f01c30f20d86635200000000f22d80f320fbf750e", 0x3e}], 0x1, 0x16, &(0x7f0000000380)=[@cstype0={0x4, 0x2}, @cr0={0x0, 0x80000025}], 0x2)
# vCPU fd is -1: only the VM-level part of the setup on r7 can take effect, if any.
syz_kvm_setup_cpu$x86(r7, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000480)="66b9800000c00f326635002000000f303e660fc7730c66b9800000c00f326635010000000f30f3af0fc7af0f0036660f38036a7466b9800000c00f326635001000000f30640f09ba4200ed260f1dbeb500", 0x51}], 0x1, 0x5a, &(0x7f00000001c0)=[@flags={0x3, 0x6000}, @dstype3={0x7, 0x2}], 0x2)
# Fifth VM (r13) with vCPU r14; the guest is set up but no KVM_RUN on r14 follows in this program.
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x1)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r13, r14, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000240)="66b98602000066b80600000066ba000000000f30f30fc73600500f810600660f3881807f000f17681366b8c40000000f23c00f21f86635010000000f23f86664660f388093e98b67660f383ed90f20e06635800000000f22e067670f01ca", 0x5e}], 0x1, 0x4, &(0x7f0000000040)=[@cstype3={0x5, 0xe}], 0x1) (async)
# "rerun: 64" is a call property asking the executor to repeat the call; both calls below
# use fd -1 and are expected to fail each time.
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000280)={0x3, 0x0, [{0x3, 0x1, 0x0, 0x0, @msi={0x9, 0x4, 0xfffffffd, 0x2}}, {0x9, 0x3, 0x0, 0x0, @adapter={0x2, 0x73f, 0x6, 0x4, 0xf}}, {0x6, 0x1, 0x1, 0x0, @sint={0xe59, 0xbd}}]}) (async, rerun: 64)
r15 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) (rerun: 64)
# r15 comes from a call on fd -1, so this close presumably has no valid fd to act on.
close(r15)

619.87505ms ago: executing program 0 (id=1252):
# Program id=1252: two VMs; one is created with an unusual machine-type argument,
# and a vCPU of that VM is later run after a setup call that has no VM fd.
# Calls on fd 0xffffffffffffffff (-1) are expected to fail early.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# Type argument is 0x1000000000003b, where the other programs in this log pass 0x0 or 0x1.
# NOTE(review): if KVM rejects this type, r1 is not a usable VM fd and the
# KVM_CREATE_VCPU on r1 further down fails as well; confirm from the executor result.
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1000000000003b)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
# @text16 (type 0x10), 0x6e bytes of fuzzer-generated guest code, flags 0x10, one @cstype3 option.
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000015000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, &(0x7f0000000100)="66b98f0200000f320f20e06635002000000f22e00f01cb6766c7442400e92300006766c74424020c8000006766c744240600000000670f011c24260ff7c5baf80c66b8c088d58566efbafc0c66b80300000066ef0f01cf66b9800000c00f326635004000000f300f01cb0f73d6a0", 0x6e}], 0x1, 0x10, &(0x7f0000000040)=[@cstype3={0x5, 0x1}], 0x1)
# The eventfd r5 is written twice below but is never attached to a VM in this program.
r5 = eventfd2(0x8, 0x0)
write$eventfd(r5, &(0x7f0000000140)=0xfffffffffffffffc, 0x8)
# Result of this open is discarded.
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x28282, 0x0)
# Both interrupt-related ioctls use fd -1.
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_SIGNAL_MSI(0xffffffffffffffff, 0x4020aea5, &(0x7f0000000040)={0x40000, 0x2000, 0x10001, 0x1, 0x45ee})
write$eventfd(r5, &(0x7f00000000c0)=0x3, 0x8)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
# vCPU id 0x1 on r1 (the VM created with the unusual type above).
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
# VM fd is -1 here while the vCPU fd is r6, so guest memory for this vCPU is
# presumably not populated by this call.
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f00007cf000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000040)="baf80c66b8120b978266efbafc0cedff1cca00000f20c06635200000000f22c00f7918ba2100b8efe5ef0f78cd0f6600660f380077e9ba2000b8afb4ef", 0x3d}], 0x1, 0xa, &(0x7f00000000c0)=[@flags={0x3, 0x610}], 0x1)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

619.425245ms ago: executing program 1 (id=1253):
# Program id=1253: four VMs; combines async guest setup/run with irqfd, irqchip and
# vCPU-mmap operations. "(async)" calls are not waited for, so neighbouring calls may
# overlap with them. Calls on fd 0xffffffffffffffff (-1) are expected to fail early.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
# @text16 (type 0x10), 0x4d bytes of guest code, flags 0x51, options @cr0 and @vmwrite.
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000080)="6766c74424005c2bb7866766c7442402966e42c06766c744240600000000670f0114240f1c3bf2268f87b500b8bb008ed00f22dc0f07b8b4000f00d8660f388056d7b8b5008ee0f20f2c8a4caf", 0x4d}], 0x1, 0x51, &(0x7f0000000200)=[@cr0={0x0, 0xa000000c}, @vmwrite={0x8, 0x0, 0x4, 0x0, 0x1, 0x0, 0x2, 0x0, 0x5}], 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
# Second VM (r4) with vCPU r5; setup and the IRQ-line ioctl are both async.
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000240)="66b98602000066b80600000066ba000000000f30f30fc73600500f810600660f3881807f000f17681366b8c40000000f23c00f21f86635010000000f23f86664660f388093e98b67660f383ed90f20e06635800000000f22e067670f01ca", 0x5e}], 0x1, 0x4, &(0x7f0000000040)=[@cstype3={0x5, 0xe}], 0x1) (async)
ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, &(0x7f0000000100)={0x8, 0x2}) (async)
# Third VM (r7) gets an in-kernel irqchip and two KVM_IRQFD calls on the same eventfd r8.
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x820202, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = eventfd2(0xb, 0x80801)
# Second field is 0xfffffff8 here and 0x3 in the next call.
# NOTE(review): presumably the GSI number; the third field 0x1 in the next call would
# then be the flags word. Confirm against struct kvm_irqfd.
ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000040)={r8, 0xfffffff8})
ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f0000000080)={r8, 0x3, 0x1})
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000280)={0x3, 0x0, [{0x3, 0x1, 0x0, 0x0, @irqchip={0xe, 0x1}}, {0x9, 0x3, 0x0, 0x0, @adapter={0x2, 0x5, 0x6, 0x4, 0xf}}, {0x6, 0x1, 0x1, 0x0, @sint={0xe59, 0xbd}}]}) (async)
# Issued on fd -1, so r9 is presumably not a usable vCPU fd; it is closed further down.
r9 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
# Different path buffer (0x7f0000000a80) and flags 0x1 compared with the other opens.
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a80), 0x1, 0x0)
# System-level Hyper-V CPUID query with a 0xa-entry buffer.
ioctl$KVM_GET_SUPPORTED_HV_CPUID_sys(r10, 0xc008aec1, &(0x7f0000000040)={0xa, 0x0, [{0x1, 0x5, 0x3, 0x800, 0x7, 0x3a3, 0x6}, {0x1, 0x4b, 0x0, 0x8001, 0x463c, 0x8, 0x8}, {0x80000019, 0x2, 0x7, 0x800, 0x80000001, 0xfffffffb, 0x8}, {0x80000008, 0x4, 0x0, 0x400, 0x1, 0x8, 0x9}, {0x80000001, 0x1, 0x5, 0x3000, 0x3484, 0xf10e, 0x5ab}, {0xc0000000, 0xc8, 0x0, 0x1, 0x3, 0x0, 0x2}, {0x80000019, 0x445c000, 0x0, 0x5be3, 0x1, 0x9, 0x1}, {0x0, 0x5, 0x3, 0x200, 0x7f, 0x3, 0x7}, {0x7, 0x401, 0x1, 0x1000, 0x7, 0xff10, 0x101}, {0x80000008, 0x7, 0x7, 0x9, 0x0, 0x7, 0x8000}]}) (async)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# r12 holds the size KVM reports for the vCPU mapping; it is used as the mmap length below.
r12 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
# Maps vCPU r2 (whose KVM_RUN above was async) at a fixed address.
mmap$KVM_VCPU(&(0x7f000001c000/0x2000)=nil, r12, 0xc, 0x8010, r2, 0x0) (async)
# Fourth VM (r13): irqchip created, then PIC state written asynchronously.
r13 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r13, 0xae60)
ioctl$KVM_SET_IRQCHIP(r13, 0x8208ae63, &(0x7f0000000040)={0x2, 0x0, @pic={0x81, 0x6, 0x4, 0xfd, 0xc, 0x3, 0x7, 0x1, 0xf9, 0x3, 0x3, 0x8, 0x6, 0x1, 0x0, 0x4}}) (async)
close(r9) (async)
# vCPU fd is -1 while the VM fd is r1, whose vCPU r2 may still be running.
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, &(0x7f00000003c0)="0f63e8baf80c66b8c438228a66efbafc0c66b80000000066efb8b9000f00d00f786000b8de000f00d80f795f000f01c366b9670a00000f32660fe3c6baf80c66b808bd358266efbafc0cb891daef", 0x4e}], 0x1, 0x4c, &(0x7f0000000440)=[@dstype0={0x6, 0xa}, @cstype3={0x5, 0xa}], 0x2) (async)
# Same request code (0x4068aea3) as the other KVM_CAP_* calls in this log.
ioctl$KVM_CAP_X86_GUEST_MODE(r13, 0x4068aea3, &(0x7f0000000340)) (async)
# Adds a vCPU with id 0x2 to VM r4, which already has vCPU r5.
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)

410.062114ms ago: executing program 1 (id=1254):
# Program id=1254: three VMs. The second one is built with the SYZOS helpers and is given
# a command list whose entry names refer to nested-virtualization operations.
# Calls on fd 0xffffffffffffffff (-1) are expected to fail early.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
# VM-level capability call (request code 0x4068aea3) with capability number 0xa4.
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r1, 0x4068aea3, &(0x7f0000000180)={0xa4, 0x0, 0x1})
ioctl$KVM_GET_DEBUGREGS(r2, 0x8080aea1, &(0x7f0000000200))
# Second VM: created with type 0x0 and handed to the SYZOS setup helper together with
# a 0x400000-byte region at 0x7f0000c00000.
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a80), 0x1, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$x86(r4, &(0x7f0000c00000/0x400000)=nil)
# Command list (total size 0x208) for the new vCPU. Entry names include wr_crn, rdmsr,
# wrmsr, in_dx, nested_amd_set_intercept, nested_amd_inject_event, nested_vmlaunch and
# nested_load_syzos, so this exercises nested paths for both vendors by name.
# NOTE(review): which of them take effect depends on the host CPU; confirm on the test machine.
r6 = syz_kvm_add_vcpu$x86(r5, &(0x7f0000000280)={0x0, &(0x7f00000005c0)=[@wr_crn={0x67, 0x20, {0x8, 0x7b}}, @nested_amd_set_intercept={0x181, 0x30, {0x2, 0x8, 0x6, 0x1}}, @nested_amd_inject_event={0x180, 0x38, {0x3, 0x4a, 0x1, 0x8, 0x1}}, @in_dx={0x69, 0x20, {0x1187, 0x1}}, @rdmsr={0x66, 0x18, {0xadf}}, @wrmsr={0x65, 0x20, {0x4b564d00, 0x4}}, @nested_vmlaunch={0x12f, 0x18}, @nested_load_syzos={0x136, 0xe0, {0x2, 0x4, [@nested_load_code={0x12e, 0x60, {0x2, "400f01c38fa96002b14d00000066ba610066ed48b80a000000000000000f23d00f21f835200000090f23f8f044fe0967410f01c4c4e211a77540660f38822726f3440fd6f10f01f8"}}, @enable_nested={0x12c, 0x18}, @nested_vmresume={0x130, 0x18, 0x1}, @nested_vmresume={0x130, 0x18}, @nested_vmresume={0x130, 0x18, 0x1}]}}, @nested_amd_set_intercept={0x181, 0x30, {0x3, 0x2ab, 0x7, 0x1}}], 0x208})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# r8 comes from a call on fd -1, so the KVM_RUN on r8 presumably has no vCPU to enter.
r8 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
# Third VM (r9) with vCPU r10, set up with real-mode text (@textreal, type 0x8, 0x56 bytes).
r9 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r9, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000440)="66b9800000c00f326635000100000f30670f322e3e660fd4620d0f603464f3af66b98109000066b80800008066ba000000000f3066b94203000066b8351718db66ba805c0b4c0f3066b9130300000f320f32f30b43cf", 0x56}], 0x1, 0x8, &(0x7f00000004c0)=[@dstype0={0x6, 0x8}], 0x1)
# First argument is 0x0 rather than a handle returned by syz_kvm_setup_syzos_vm$x86,
# so r11 is presumably not a usable vCPU fd.
r11 = syz_kvm_add_vcpu$x86(0x0, &(0x7f00000001c0)={0x0, &(0x7f0000000040)=[@nested_amd_invlpga={0x17d, 0x20, {0x40000, 0x8fab}}, @out_dx={0x6a, 0x28, {0x69b8, 0x2, 0x6}}, @uexit={0x0, 0x18, 0x4}, @code={0xa, 0x4b, {"66430ff460da66b80c010f00d8f6ca020f01c4c4c2f92516c4a3fd00be1f4b65162ab8010000000f01d93e64440f01c4420f0d7103c481795bf3"}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x3, @control_area=0xb6, 0x3, 0x6, 0xfffffffffffffdb9}}, @in_dx={0x69, 0x20, {0x833c, 0x6}}, @nested_amd_vmload={0x182, 0x18}, @out_dx={0x6a, 0x28, {0xcc71, 0x0, 0x3}}, @nested_amd_vmload={0x182, 0x18, 0x3}], 0x15b})
# The argument uses the @arm64 variant of the events structure in an x86 program.
ioctl$KVM_SET_VCPU_EVENTS(r11, 0x4040aea0, &(0x7f0000000000)=@arm64={0x4, 0xd, 0x3c, '\x00', 0xfffffffffffff7fb})
ioctl$KVM_RUN(r10, 0xae80, 0x0)

200.618788ms ago: executing program 9 (id=1255):
# Program id=1255: two VMs. No KVM_RUN is issued; the program ends with a
# KVM_PRE_FAULT_MEMORY request on a vCPU whose guest memory was just set up.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1)
# Clock state is written on the first VM (r1) before it has any vCPU.
ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000100)={0x128d, 0x6, 0xf3, 0x6, 0xfffffffffffffffe})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
# Writes 0x8 MSR entries on vCPU r4; indices and values are fuzzer-chosen.
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)={0x8, 0x0, [{0x40000098, 0x0, 0x4}, {0x847, 0x0, 0xfff}, {0xb16, 0x0, 0x7}, {0x826, 0x0, 0x4}, {0x40000092, 0x0, 0x6}, {0x9fb, 0x0, 0x8}, {0x47e, 0x0, 0x1}, {0x838, 0x0, 0x5}]})
# r5 is the statistics fd of VM r1.
r5 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece)
# KVM_CREATE_VM is issued on the stats fd r5 rather than on a KVM system fd;
# this checks how an ioctl is handled on the wrong kind of fd.
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x2e)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
# @textreal (type 0x8), 0x51 bytes of guest code, flags 0x10, one @cstype3 option.
syz_kvm_setup_cpu$x86(r1, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000480)="66b9800000c00f326635002000000f303e660fc7730c66b9800000c00f326635010000000f30f3af0fc7af0f0036660f38036a7466b9800000c00f326635001000000f30640f09ba4200ed260f1dbeb500", 0x51}], 0x1, 0x10, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
# Argument is {0x1000, 0x8000}.
# NOTE(review): presumably guest physical address and size; confirm against struct kvm_pre_fault_memory.
ioctl$KVM_PRE_FAULT_MEMORY(r6, 0xc040aed5, &(0x7f0000000040)={0x1000, 0x8000})

0s ago: executing program 9 (id=1256):
# Program id=1256, logged at "0s ago", i.e. the most recent program in this log.
# It builds a SYZOS VM with a long command list (many nested_* entries) and runs it,
# then builds a second, conventional VM without running it.
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a80), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
# System-level query with a 0x9-entry output buffer, all entries zero on input.
ioctl$KVM_GET_MSR_FEATURE_INDEX_LIST(r2, 0xc004ae0a, &(0x7f0000000040)={0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
# SYZOS VM on r1 with a 0x400000-byte region at 0x7f0000c00000.
r3 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
# Command list of total size 0x3de. It interleaves entries named nested_amd_* with entries
# named nested_intel_vmwrite_mask, nested_vmlaunch and nested_vmresume, plus rdmsr, cpuid,
# port I/O, set_irq_handler and wr_drn.
# NOTE(review): entries for the vendor the host does not implement presumably fault or are
# skipped in the guest; confirm on the test machine when reducing this program.
r4 = syz_kvm_add_vcpu$x86(r3, &(0x7f0000000580)={0x0, &(0x7f0000000180)=[@nested_amd_invlpga={0x17d, 0x20, {0x70000, 0x3b90}}, @nested_create_vm={0x12d, 0x18, 0x1}, @set_irq_handler={0xc8, 0x20, {0xc6, 0x2}}, @nested_vmlaunch={0x12f, 0x18, 0x1}, @rdmsr={0x66, 0x18, {0x8bb}}, @nested_amd_invlpga={0x17d, 0x20, {0xeeef0000, 0x8f07}}, @nested_amd_vmsave={0x183, 0x18, 0x2}, @uexit={0x0, 0x18, 0x80}, @out_dx={0x6a, 0x28, {0x4312, 0x5, 0x6}}, @nested_amd_clgi={0x17f, 0x10}, @nested_load_code={0x12e, 0x76, {0x1, "b9800000c00f3235000800000f3066b894008ed03e660f8e07000000660f38829eedf20000f2490faef00f1e9683000000f326650f1e6d032666420f383c1c5a66b819008ee048b808830000000000000f23c00f21f835000006000f23f8"}}, @rdmsr={0x66, 0x18, {0x9b0}}, @uexit={0x0, 0x18}, @nested_vmlaunch={0x12f, 0x18, 0x1}, @nested_vmresume={0x130, 0x18, 0x2}, @nested_amd_vmload={0x182, 0x18, 0x2}, @nested_amd_clgi={0x17f, 0x10}, @nested_amd_clgi={0x17f, 0x10}, @nested_vmresume={0x130, 0x18}, @set_irq_handler={0xc8, 0x20, {0xc9, 0x1}}, @cpuid={0x64, 0x18, {0x5}}, @set_irq_handler={0xc8, 0x20, {0x97, 0x2}}, @nested_intel_vmwrite_mask={0x154, 0x38, {0x3, @host64=0x2c04, 0x6, 0x100000001, 0x2}}, @nested_vmlaunch={0x12f, 0x18, 0x1}, @nested_create_vm={0x12d, 0x18}, @nested_vmresume={0x130, 0x18}, @out_dx={0x6a, 0x28, {0xe1dd, 0x6, 0x2}}, @enable_nested={0x12c, 0x18}, @in_dx={0x69, 0x20, {0x5215, 0x3}}, @nested_vmlaunch={0x12f, 0x18, 0x3}, @wr_drn={0x68, 0x20, {0x6, 0xf1c}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x3, @save_area=0x502, 0x5, 0x9, 0x6}}], 0x3de})
# Single synchronous KVM_RUN on the SYZOS vCPU.
ioctl$KVM_RUN(r4, 0xae80, 0x0)
# Second VM (r6) with vCPU r7: guest text is loaded but no KVM_RUN on r7 follows.
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x1)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, &(0x7f0000000480)="66b9800000c00f32663500200000bc31b8d5078ed066b9800000c00f326635010000000f30f3af0fc7af0f0036660f38036a7466b9800000c0724d356300100000770000770f09ba4200ed260f1dbeb500", 0x51}], 0x1, 0x13, &(0x7f0000000540)=[@cstype3={0x5, 0x1}], 0x1)
# Capability call (request code 0x4068aea3) issued after a vCPU already exists on r6.
# NOTE(review): KVM may refuse this capability once vCPUs have been created; confirm
# against the KVM API documentation.
ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r6, 0x4068aea3, &(0x7f0000000000))

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:51630' (ED25519) to the list of known hosts.
syzkaller login: [   56.978804][ T5583] cgroup: Unknown subsys name 'net'
[   57.105083][ T5583] cgroup: Unknown subsys name 'cpuset'
[   57.110209][ T5583] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   58.272515][ T5583] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   62.543864][ T5601] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   62.547373][ T5601] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   62.550567][ T5601] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   62.556182][ T5601] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   62.560968][ T5601] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   62.589057][ T5601] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   62.594578][ T5601] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   62.597795][ T5601] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   62.601330][ T5601] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   62.604792][ T5601] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   62.623029][ T5601] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   62.626926][ T5601] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   62.630377][ T5601] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   62.636315][ T5601] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   62.639669][ T5601] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   63.021373][ T5599] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.024197][ T5599] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.026754][ T5599] bridge_slave_0: entered allmulticast mode
[   63.029513][ T5599] bridge_slave_0: entered promiscuous mode
[   63.033220][ T5599] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.035591][ T5599] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.037935][ T5599] bridge_slave_1: entered allmulticast mode
[   63.040670][ T5599] bridge_slave_1: entered promiscuous mode
[   63.109493][ T5599] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   63.116266][ T5599] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   63.155192][ T5599] team0: Port device team_slave_0 added
[   63.159851][ T5599] team0: Port device team_slave_1 added
[   63.224243][ T5599] batman_adv: batadv0: Adding interface: batadv_slave_0
[   63.227099][ T5599] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   63.237385][ T5599] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.244076][ T5599] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.247030][ T5599] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   63.257438][ T5599] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.381986][ T5599] hsr_slave_0: entered promiscuous mode
[   63.385236][ T5599] hsr_slave_1: entered promiscuous mode
[   63.398348][ T5608] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.401903][ T5608] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.405346][ T5608] bridge_slave_0: entered allmulticast mode
[   63.409119][ T5608] bridge_slave_0: entered promiscuous mode
[   63.423511][ T5608] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.426502][ T5608] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.429461][ T5608] bridge_slave_1: entered allmulticast mode
[   63.433248][ T5608] bridge_slave_1: entered promiscuous mode
[   63.447361][ T5604] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.450860][ T5604] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.454708][ T5604] bridge_slave_0: entered allmulticast mode
[   63.458467][ T5604] bridge_slave_0: entered promiscuous mode
[   63.486870][ T5604] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.489713][ T5604] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.492577][ T5604] bridge_slave_1: entered allmulticast mode
[   63.495280][ T5604] bridge_slave_1: entered promiscuous mode
[   63.527920][ T5608] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   63.550938][ T5608] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   63.563257][ T5604] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   63.592584][ T5604] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   63.597591][ T5608] team0: Port device team_slave_0 added
[   63.602222][ T5608] team0: Port device team_slave_1 added
[   63.660504][ T5604] team0: Port device team_slave_0 added
[   63.662907][ T5608] batman_adv: batadv0: Adding interface: batadv_slave_0
[   63.665661][ T5608] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   63.675624][ T5608] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.687092][ T5604] team0: Port device team_slave_1 added
[   63.690159][ T5608] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.693339][ T5608] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   63.704226][ T5608] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.757065][ T5604] batman_adv: batadv0: Adding interface: batadv_slave_0
[   63.759994][ T5604] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   63.770236][ T5604] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.776031][ T5604] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.778794][ T5604] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   63.788867][ T5604] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.820953][ T5608] hsr_slave_0: entered promiscuous mode
[   63.823938][ T5608] hsr_slave_1: entered promiscuous mode
[   63.827196][ T5608] debugfs: 'hsr0' already exists in 'hsr'
[   63.829716][ T5608] Cannot create hsr debugfs directory
[   63.866997][ T5604] hsr_slave_0: entered promiscuous mode
[   63.869990][ T5604] hsr_slave_1: entered promiscuous mode
[   63.872805][ T5604] debugfs: 'hsr0' already exists in 'hsr'
[   63.874996][ T5604] Cannot create hsr debugfs directory
[   63.950000][ T5599] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   63.958780][ T5599] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   63.972493][ T5599] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   63.979730][ T5599] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   63.995081][ T5599] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   64.000167][ T5599] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   64.015843][ T5599] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   64.020280][ T5599] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   64.129212][ T5608] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   64.136424][ T5608] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   64.140547][ T5608] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   64.144986][ T5608] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   64.147988][ T5608] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   64.154356][ T5608] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   64.157288][ T5608] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   64.161239][ T5608] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   64.234684][ T5604] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   64.240332][ T5604] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   64.244515][ T5604] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   64.249502][ T5604] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   64.256224][ T5604] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   64.262537][ T5604] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   64.273364][ T5599] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.276300][ T5604] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   64.282038][ T5604] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   64.307206][ T5599] 8021q: adding VLAN 0 to HW filter on device team0
[   64.321036][   T77] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.324218][   T77] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.340361][ T5608] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.344435][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.346790][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.375829][ T5608] 8021q: adding VLAN 0 to HW filter on device team0
[   64.396476][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.398863][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.414318][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.416714][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.466980][ T5604] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.510228][ T5604] 8021q: adding VLAN 0 to HW filter on device team0
[   64.519088][   T77] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.522252][   T77] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.536458][   T77] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.539355][   T77] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.611898][   T54] Bluetooth: hci0: command tx timeout
[   64.612272][ T5601] Bluetooth: hci1: command tx timeout
[   64.692187][ T5601] Bluetooth: hci2: command tx timeout
[   64.770055][ T5608] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.784296][ T5599] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.807098][ T5608] veth0_vlan: entered promiscuous mode
[   64.825457][ T5608] veth1_vlan: entered promiscuous mode
[   64.838062][ T5599] veth0_vlan: entered promiscuous mode
[   64.853305][ T5599] veth1_vlan: entered promiscuous mode
[   64.860106][ T5608] veth0_macvtap: entered promiscuous mode
[   64.870075][ T5608] veth1_macvtap: entered promiscuous mode
[   64.886813][ T5599] veth0_macvtap: entered promiscuous mode
[   64.895312][ T5599] veth1_macvtap: entered promiscuous mode
[   64.898886][ T5608] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.910279][ T5608] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.920264][ T5599] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.930119][ T5604] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.936113][ T5654] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.940653][ T5654] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.948494][ T5654] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.952447][ T5654] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.958027][ T5599] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.970166][   T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.981171][   T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.986093][   T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.000318][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.077490][ T5604] veth0_vlan: entered promiscuous mode
[   65.077824][ T1111] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.085564][ T1111] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.110489][ T5604] veth1_vlan: entered promiscuous mode
[   65.113728][   T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.118578][   T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.154534][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.158396][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.161435][   T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.166258][   T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.183095][ T5604] veth0_macvtap: entered promiscuous mode
[   65.199156][ T5604] veth1_macvtap: entered promiscuous mode
[   65.207096][ T5608] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   65.226364][ T5604] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.246949][ T5604] batman_adv: batadv0: Interface activated: batadv_slave_1
[   65.284088][   T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.306995][   T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.312921][   T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.316495][   T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.383804][ T1113] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.392198][ T1113] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.430741][ T1113] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.435539][ T1113] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.624983][ T5714] kvm: MONITOR instruction emulated as NOP!
[   66.691814][ T5601] Bluetooth: hci1: command tx timeout
[   66.712840][ T5601] Bluetooth: hci0: command tx timeout
[   66.781611][ T5601] Bluetooth: hci2: command tx timeout
[   68.771849][ T5601] Bluetooth: hci0: command tx timeout
[   68.773752][   T54] Bluetooth: hci1: command tx timeout
[   68.851698][   T54] Bluetooth: hci2: command tx timeout
[   69.045124][ T5797] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   70.852058][   T54] Bluetooth: hci1: command tx timeout
[   70.852954][ T5601] Bluetooth: hci0: command tx timeout
[   70.931765][ T5601] Bluetooth: hci2: command tx timeout
[   72.956643][ T5901] kvm: kvm [5900]: vcpu0, guest rIP: 0x510e Unhandled WRMSR(0xc2) = 0x4c0b5c80000065f4
[   74.965156][ T5938] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   75.610233][ T5949] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   75.922268][ T5964] kvm: user requested TSC rate below hardware speed
[   76.696117][ T1380] ieee802154 phy0 wpan0: encryption failed: -22
[   76.700205][ T1380] ieee802154 phy1 wpan1: encryption failed: -22
[   77.799485][ T6001] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4216192048 (16864768192 ns) > initial count (2412091236 ns). Using initial count to start timer.
[   77.909974][ T6007] kvm: kvm [6002]: vcpu0, guest rIP: 0x30de Unhandled WRMSR(0xc2) = 0x6000000fc10
[   77.968877][ T6007] kvm: kvm [6002]: vcpu0, guest rIP: 0x30de Unhandled WRMSR(0xc2) = 0x4b8
[   78.688863][ T6029] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   80.513565][ T6083] kvm: user requested TSC rate below hardware speed
[   81.650352][ T6117] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   82.012966][ T6132] kvm: kvm [6131]: vcpu0, guest rIP: 0x55d80 Unhandled WRMSR(0x186) = 0x3
[   82.059524][ T6133] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   86.947318][   T32] cfg80211: failed to load regulatory.db
[   88.657788][ T6281] kvm: user requested TSC rate below hardware speed
[   89.099852][ T6296] kvm: user requested TSC rate below hardware speed
[   90.897056][ T6346] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2875328149 (11501312596 ns) > initial count (2760019912 ns). Using initial count to start timer.
[   96.988665][ T6526] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3034724117 (97111171744 ns) > initial count (11218699296 ns). Using initial count to start timer.
[  104.108959][ T6694] kvm: kvm [6692]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc1) = 0xf8
[  106.062068][ T6750] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  108.337162][ T6831] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  114.357283][ T6995] kvm: kvm [6994]: vcpu0, guest rIP: 0x55d80 Unhandled WRMSR(0x186) = 0x3
[  115.815184][ T7032] kvm: kvm [7031]: vcpu0, guest rIP: 0x30de Unhandled WRMSR(0xc2) = 0x4c0b5c800000d73c
[  115.915894][ T7032] kvm: kvm [7031]: vcpu0, guest rIP: 0x30de Unhandled WRMSR(0xc2) = 0x113850
[  117.643830][ T7065] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  118.435676][ T7086] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  119.823317][ T7113] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  120.124581][ T7130] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1904310084 (1904310084 ns) > initial count (412555743 ns). Using initial count to start timer.
[  122.443144][ T7184] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1904310084 (1904310084 ns) > initial count (412555743 ns). Using initial count to start timer.
[  124.954792][ T7244] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  126.287442][ T7280] KVM: debugfs: duplicate directory 7280-4
[  127.732008][ T7317] kvm: user requested TSC rate below hardware speed
[  127.755024][ T7317] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4090101323 (4090101323 ns) > initial count (2900788671 ns). Using initial count to start timer.
[  128.204749][ T7332] kvm: requested 6704 ns i8254 timer period limited to 200000 ns
[  128.208918][ T7332] kvm: requested 6704 ns i8254 timer period limited to 200000 ns
[  128.215371][ T7332] kvm: requested 6704 ns i8254 timer period limited to 200000 ns
[  128.218990][ T7332] kvm: requested 6704 ns i8254 timer period limited to 200000 ns
[  128.227412][ T7332] kvm: requested 6704 ns i8254 timer period limited to 200000 ns
[  128.234844][ T7332] kvm: requested 6704 ns i8254 timer period limited to 200000 ns
[  128.244187][ T7332] kvm: requested 6704 ns i8254 timer period limited to 200000 ns
[  128.253125][ T7332] kvm: requested 6704 ns i8254 timer period limited to 200000 ns
[  128.569743][ T7354] kvm: user requested TSC rate below hardware speed
[  130.298826][ T7393] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  131.389369][ T7430] kvm: kvm [7429]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x6
[  133.996934][ T7489] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  138.146540][ T1380] ieee802154 phy0 wpan0: encryption failed: -22
[  138.150089][ T1380] ieee802154 phy1 wpan1: encryption failed: -22
[  139.818591][ T7652] kvm: kvm [7650]: vcpu0, guest rIP: 0x510e Unhandled WRMSR(0xc2) = 0x4c0b5c80000000c4
[  141.001033][ T7686] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3927094548 (62833512768 ns) > initial count (60803132688 ns). Using initial count to start timer.
[  164.352270][   T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  164.358222][   T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  164.362271][   T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  164.366733][   T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  164.370578][   T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  164.425037][ T5601] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  164.431159][ T5601] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  164.435396][ T5601] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  164.439454][ T5601] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  164.448732][ T5601] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  164.475332][   T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  164.488282][   T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  164.494990][   T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  164.503731][   T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  164.507851][   T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  165.081025][ T5654] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.177966][ T5654] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.257834][ T5654] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.353093][ T5654] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.549683][ T7763] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.553295][ T7763] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.556626][ T7763] bridge_slave_0: entered allmulticast mode
[  165.560462][ T7763] bridge_slave_0: entered promiscuous mode
[  165.564872][ T7763] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.568825][ T7763] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.572663][ T7763] bridge_slave_1: entered allmulticast mode
[  165.576523][ T7763] bridge_slave_1: entered promiscuous mode
[  165.582913][ T7760] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.585869][ T7760] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.588931][ T7760] bridge_slave_0: entered allmulticast mode
[  165.592627][ T7760] bridge_slave_0: entered promiscuous mode
[  165.596698][ T7760] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.599214][ T7760] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.601853][ T7760] bridge_slave_1: entered allmulticast mode
[  165.604949][ T7760] bridge_slave_1: entered promiscuous mode
[  165.666901][ T7760] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  165.674193][ T7760] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  165.678282][ T7757] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.681331][ T7757] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.684760][ T7757] bridge_slave_0: entered allmulticast mode
[  165.688032][ T7757] bridge_slave_0: entered promiscuous mode
[  165.693105][ T7763] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  165.699855][ T5654] bridge_slave_1: left allmulticast mode
[  165.703252][ T5654] bridge_slave_1: left promiscuous mode
[  165.706332][ T5654] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.717204][ T5654] bridge_slave_0: left allmulticast mode
[  165.719122][ T5654] bridge_slave_0: left promiscuous mode
[  165.721182][ T5654] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.869141][ T5654] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  165.875637][ T5654] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  165.879953][ T5654] bond0 (unregistering): Released all slaves
[  165.896213][ T7757] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.899165][ T7757] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.901803][ T7757] bridge_slave_1: entered allmulticast mode
[  165.905118][ T7757] bridge_slave_1: entered promiscuous mode
[  165.922371][ T7763] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  165.957483][ T7757] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  165.989562][ T7760] team0: Port device team_slave_0 added
[  165.994783][ T7760] team0: Port device team_slave_1 added
[  165.999505][ T7757] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  166.008287][ T7763] team0: Port device team_slave_0 added
[  166.049118][ T7763] team0: Port device team_slave_1 added
[  166.062868][ T7760] batman_adv: batadv0: Adding interface: batadv_slave_0
[  166.066343][ T7760] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  166.077413][ T7760] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  166.086403][ T7757] team0: Port device team_slave_0 added
[  166.116517][ T7757] team0: Port device team_slave_1 added
[  166.120063][ T7760] batman_adv: batadv0: Adding interface: batadv_slave_1
[  166.123457][ T7760] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  166.134977][ T7760] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  166.141152][ T7763] batman_adv: batadv0: Adding interface: batadv_slave_0
[  166.144637][ T7763] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  166.153327][ T7763] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  166.157812][ T7763] batman_adv: batadv0: Adding interface: batadv_slave_1
[  166.160563][ T7763] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  166.170239][ T7763] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  166.260399][ T7757] batman_adv: batadv0: Adding interface: batadv_slave_0
[  166.263749][ T7757] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  166.276214][ T7757] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  166.298192][ T7760] hsr_slave_0: entered promiscuous mode
[  166.304377][ T7760] hsr_slave_1: entered promiscuous mode
[  166.307457][ T7760] debugfs: 'hsr0' already exists in 'hsr'
[  166.310074][ T7760] Cannot create hsr debugfs directory
[  166.327404][ T5654] hsr_slave_0: left promiscuous mode
[  166.330138][ T5654] hsr_slave_1: left promiscuous mode
[  166.332569][ T5654] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  166.335660][ T5654] batman_adv: batadv0: Removing interface: batadv_slave_0
[  166.339266][ T5654] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  166.341844][ T5654] batman_adv: batadv0: Removing interface: batadv_slave_1
[  166.350002][ T5654] veth1_macvtap: left promiscuous mode
[  166.352704][ T5654] veth0_macvtap: left promiscuous mode
[  166.354852][ T5654] veth1_vlan: left promiscuous mode
[  166.356703][ T5654] veth0_vlan: left promiscuous mode
[  166.451683][   T54] Bluetooth: hci3: command tx timeout
[  166.503365][ T5654] team0 (unregistering): Port device team_slave_1 removed
[  166.514703][ T5654] team0 (unregistering): Port device team_slave_0 removed
[  166.532305][ T5601] Bluetooth: hci4: command tx timeout
[  166.535247][   T54] Bluetooth: hci5: command tx timeout
[  166.633523][ T7757] batman_adv: batadv0: Adding interface: batadv_slave_1
[  166.636933][ T7757] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  166.647753][ T7757] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  166.653570][ T5344] 8021q: adding VLAN 0 to HW filter on device eth1
[  166.665558][ T7763] hsr_slave_0: entered promiscuous mode
[  166.668130][ T7763] hsr_slave_1: entered promiscuous mode
[  166.670367][ T7763] debugfs: 'hsr0' already exists in 'hsr'
[  166.672543][ T7763] Cannot create hsr debugfs directory
[  166.729592][ T7757] hsr_slave_0: entered promiscuous mode
[  166.732155][ T7757] hsr_slave_1: entered promiscuous mode
[  166.734486][ T7757] debugfs: 'hsr0' already exists in 'hsr'
[  166.736726][ T7757] Cannot create hsr debugfs directory
[  167.004114][ T5344] 8021q: adding VLAN 0 to HW filter on device eth2
[  167.055902][ T7760] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  167.067826][ T7760] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  167.072705][ T7760] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  167.078903][ T7760] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  167.090964][ T7760] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  167.098690][ T7760] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  167.116236][ T7760] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  167.120666][ T7760] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  167.154058][ T5654] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.190278][ T7763] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  167.198738][ T7763] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  167.206592][ T7763] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  167.213924][ T7763] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  167.234522][ T5654] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.250093][ T7763] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  167.257544][ T7763] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  167.278230][ T5344] 8021q: adding VLAN 0 to HW filter on device eth3
[  167.285188][ T7763] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  167.291148][ T7763] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  167.315649][ T5654] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.384504][ T5654] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.395162][ T7757] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  167.407624][ T7757] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  167.423096][ T7757] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  167.429371][ T7757] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  167.434133][ T7757] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  167.439385][ T7757] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  167.457794][ T7757] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  167.464696][ T7757] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  167.609122][ T5654] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.636467][ T5344] 8021q: adding VLAN 0 to HW filter on device eth4
[  167.648836][ T7760] 8021q: adding VLAN 0 to HW filter on device bond0
[  167.681371][ T5654] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.700650][ T7763] 8021q: adding VLAN 0 to HW filter on device bond0
[  167.729602][ T7760] 8021q: adding VLAN 0 to HW filter on device team0
[  167.749826][ T5654] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.765871][   T29] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.768865][   T29] bridge0: port 1(bridge_slave_0) entered forwarding state
[  167.775731][ T7763] 8021q: adding VLAN 0 to HW filter on device team0
[  167.810373][ T5654] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.831162][   T29] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.834238][   T29] bridge0: port 1(bridge_slave_0) entered forwarding state
[  167.840139][   T29] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.843238][   T29] bridge0: port 2(bridge_slave_1) entered forwarding state
[  167.866339][ T7757] 8021q: adding VLAN 0 to HW filter on device bond0
[  167.872895][   T29] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.875365][   T29] bridge0: port 2(bridge_slave_1) entered forwarding state
[  167.920107][ T7757] 8021q: adding VLAN 0 to HW filter on device team0
[  167.941425][ T5344] 8021q: adding VLAN 0 to HW filter on device eth5
[  167.948368][   T29] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.950741][   T29] bridge0: port 1(bridge_slave_0) entered forwarding state
[  167.970888][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.974104][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[  168.015955][ T7760] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  168.096253][ T5654] bridge_slave_1: left allmulticast mode
[  168.098374][ T5654] bridge_slave_1: left promiscuous mode
[  168.101170][ T5654] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.105535][ T5654] bridge_slave_0: left allmulticast mode
[  168.107840][ T5654] bridge_slave_0: left promiscuous mode
[  168.110252][ T5654] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.120211][ T5654] bridge_slave_1: left allmulticast mode
[  168.122849][ T5654] bridge_slave_1: left promiscuous mode
[  168.124907][ T5654] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.128945][ T5654] bridge_slave_0: left allmulticast mode
[  168.130910][ T5654] bridge_slave_0: left promiscuous mode
[  168.136681][ T5654] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.306248][ T5654] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  168.312385][ T5654] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  168.317405][ T5654] bond0 (unregistering): Released all slaves
[  168.427225][ T5654] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  168.433167][ T5654] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  168.438393][ T5654] bond0 (unregistering): Released all slaves
[  168.531751][   T54] Bluetooth: hci3: command tx timeout
[  168.611719][ T5601] Bluetooth: hci4: command tx timeout
[  168.614325][   T54] Bluetooth: hci5: command tx timeout
[  168.860435][ T7763] 8021q: adding VLAN 0 to HW filter on device batadv0
[  168.885309][ T5344] 8021q: adding VLAN 0 to HW filter on device eth6
[  168.920299][ T7760] 8021q: adding VLAN 0 to HW filter on device batadv0
[  169.026377][ T5654] hsr_slave_0: left promiscuous mode
[  169.034213][ T5654] hsr_slave_1: left promiscuous mode
[  169.039058][ T5654] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.051777][ T5654] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.061016][ T5654] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.066792][ T5654] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.074279][ T5654] hsr_slave_0: left promiscuous mode
[  169.077119][ T5654] hsr_slave_1: left promiscuous mode
[  169.080014][ T5654] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.083906][ T5654] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.087512][ T5654] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.090762][ T5654] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.109315][ T5654] veth1_macvtap: left promiscuous mode
[  169.112757][ T5654] veth0_macvtap: left promiscuous mode
[  169.115208][ T5654] veth1_vlan: left promiscuous mode
[  169.117414][ T5654] veth0_vlan: left promiscuous mode
[  169.121113][ T5654] veth1_macvtap: left promiscuous mode
[  169.123867][ T5654] veth0_macvtap: left promiscuous mode
[  169.126280][ T5654] veth1_vlan: left promiscuous mode
[  169.128573][ T5654] veth0_vlan: left promiscuous mode
[  169.392745][ T5654] team0 (unregistering): Port device team_slave_1 removed
[  169.406146][ T5654] team0 (unregistering): Port device team_slave_0 removed
[  169.653652][ T5654] team0 (unregistering): Port device team_slave_1 removed
[  169.667375][ T5654] team0 (unregistering): Port device team_slave_0 removed
[  169.774381][ T7757] 8021q: adding VLAN 0 to HW filter on device batadv0
[  169.876183][ T7757] veth0_vlan: entered promiscuous mode
[  169.904636][ T7757] veth1_vlan: entered promiscuous mode
[  169.954792][ T7757] veth0_macvtap: entered promiscuous mode
[  169.968310][ T7757] veth1_macvtap: entered promiscuous mode
[  170.005901][ T5344] 8021q: adding VLAN 0 to HW filter on device eth7
[  170.019163][ T7757] batman_adv: batadv0: Interface activated: batadv_slave_0
[  170.040854][ T7757] batman_adv: batadv0: Interface activated: batadv_slave_1
[  170.069231][ T7875] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  170.080667][ T7763] veth0_vlan: entered promiscuous mode
[  170.089261][ T7875] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  170.093900][ T7875] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  170.119289][ T7875] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  170.180233][ T7763] veth1_vlan: entered promiscuous mode
[  170.237614][ T7760] veth0_vlan: entered promiscuous mode
[  170.245937][   T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.256941][   T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.276314][ T7760] veth1_vlan: entered promiscuous mode
[  170.327296][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.327415][ T7763] veth0_macvtap: entered promiscuous mode
[  170.333828][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.349448][ T7763] veth1_macvtap: entered promiscuous mode
[  170.364981][ T7760] veth0_macvtap: entered promiscuous mode
[  170.385203][ T7763] batman_adv: batadv0: Interface activated: batadv_slave_0
[  170.391272][ T7760] veth1_macvtap: entered promiscuous mode
[  170.398732][ T7763] batman_adv: batadv0: Interface activated: batadv_slave_1
[  170.415568][ T7875] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  170.423307][ T7875] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  170.434590][ T7875] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  170.455899][ T7875] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  170.499987][ T7760] batman_adv: batadv0: Interface activated: batadv_slave_0
[  170.512249][ T5344] 8021q: adding VLAN 0 to HW filter on device eth8
[  170.554201][ T7760] batman_adv: batadv0: Interface activated: batadv_slave_1
[  170.570499][ T7875] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  170.577122][ T7875] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  170.601813][ T7875] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  170.610207][ T7875] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  170.614164][   T54] Bluetooth: hci3: command tx timeout
[  170.617986][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.626271][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.672933][   T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.676764][   T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.701874][ T5601] Bluetooth: hci4: command tx timeout
[  170.704482][   T54] Bluetooth: hci5: command tx timeout
[  170.789102][ T1111] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.815875][ T1111] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.880766][   T29] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.884545][   T29] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.986663][ T5344] 8021q: adding VLAN 0 to HW filter on device eth9
[  171.388502][ T5344] 8021q: adding VLAN 0 to HW filter on device eth10
[  171.665228][ T5344] 8021q: adding VLAN 0 to HW filter on device eth11
[  172.027524][ T5344] 8021q: adding VLAN 0 to HW filter on device eth12
[  172.693663][   T54] Bluetooth: hci3: command tx timeout
[  172.771963][ T5601] Bluetooth: hci4: command tx timeout
[  172.774541][   T54] Bluetooth: hci5: command tx timeout
[  177.464296][ T8196] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  180.521054][ T8292] kvm: emulating exchange as write
[  182.277058][ T8357] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  182.987696][ T8409] kvm: user requested TSC rate below hardware speed
[  187.736643][ T8574] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  188.124126][ T8589] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4216192048 (16864768192 ns) > initial count (2412091236 ns). Using initial count to start timer.
[  188.852135][ T8609] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  213.107621][ T1380] ieee802154 phy0 wpan0: encryption failed: -22
[  213.110959][ T1380] ieee802154 phy1 wpan1: encryption failed: -22
[  213.466714][ T5601] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  213.474799][ T5601] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  213.482027][ T5601] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  213.489594][ T5601] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  213.495599][ T5601] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  213.532211][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  213.536462][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  213.539408][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  213.544691][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  213.547568][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  213.632220][ T5601] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  213.640490][ T5601] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  213.644237][ T5601] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  213.648242][ T5601] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  213.658639][ T5601] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  213.905599][ T5466] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.978204][ T5466] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.029436][ T5466] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.075893][ T5466] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.221745][ T8692] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.224745][ T8692] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.228330][ T8692] bridge_slave_0: entered allmulticast mode
[  214.232855][ T8692] bridge_slave_0: entered promiscuous mode
[  214.245337][ T8692] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.248540][ T8692] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.253333][ T8692] bridge_slave_1: entered allmulticast mode
[  214.256124][ T8692] bridge_slave_1: entered promiscuous mode
[  214.320037][ T8692] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  214.326418][ T8692] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  214.389430][ T8692] team0: Port device team_slave_0 added
[  214.401401][ T5466] bridge_slave_1: left allmulticast mode
[  214.403665][ T5466] bridge_slave_1: left promiscuous mode
[  214.405871][ T5466] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.409751][ T5466] bridge_slave_0: left allmulticast mode
[  214.412602][ T5466] bridge_slave_0: left promiscuous mode
[  214.415111][ T5466] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.580806][ T5466] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  214.586861][ T5466] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  214.591863][ T5466] bond0 (unregistering): Released all slaves
[  214.610331][ T8692] team0: Port device team_slave_1 added
[  214.722625][ T8692] batman_adv: batadv0: Adding interface: batadv_slave_0
[  214.726626][ T8692] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  214.738973][ T8692] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  214.754275][ T8700] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.757098][ T8700] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.759767][ T8700] bridge_slave_0: entered allmulticast mode
[  214.763368][ T8700] bridge_slave_0: entered promiscuous mode
[  214.769812][ T8692] batman_adv: batadv0: Adding interface: batadv_slave_1
[  214.774886][ T8692] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  214.783500][ T8692] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  214.790684][ T8694] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.793485][ T8694] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.795896][ T8694] bridge_slave_0: entered allmulticast mode
[  214.798551][ T8694] bridge_slave_0: entered promiscuous mode
[  214.802984][ T8700] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.805386][ T8700] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.807706][ T8700] bridge_slave_1: entered allmulticast mode
[  214.810333][ T8700] bridge_slave_1: entered promiscuous mode
[  214.828143][ T8694] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.831361][ T8694] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.834908][ T8694] bridge_slave_1: entered allmulticast mode
[  214.839401][ T8694] bridge_slave_1: entered promiscuous mode
[  214.857577][ T8700] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  214.881726][ T8700] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  214.929987][ T8694] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  214.943144][ T8692] hsr_slave_0: entered promiscuous mode
[  214.945944][ T8692] hsr_slave_1: entered promiscuous mode
[  214.952927][ T5466] hsr_slave_0: left promiscuous mode
[  214.955698][ T5466] hsr_slave_1: left promiscuous mode
[  214.958858][ T5466] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  214.963140][ T5466] batman_adv: batadv0: Removing interface: batadv_slave_0
[  214.966887][ T5466] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  214.970619][ T5466] batman_adv: batadv0: Removing interface: batadv_slave_1
[  214.980881][ T5466] veth1_macvtap: left promiscuous mode
[  214.983638][ T5466] veth0_macvtap: left promiscuous mode
[  214.986162][ T5466] veth1_vlan: left promiscuous mode
[  214.988461][ T5466] veth0_vlan: left promiscuous mode
[  215.178497][ T5466] team0 (unregistering): Port device team_slave_1 removed
[  215.190849][ T5466] team0 (unregistering): Port device team_slave_0 removed
[  215.314075][ T8694] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  215.319193][ T8700] team0: Port device team_slave_0 added
[  215.358988][ T8700] team0: Port device team_slave_1 added
[  215.378214][ T8694] team0: Port device team_slave_0 added
[  215.398816][ T8694] team0: Port device team_slave_1 added
[  215.432130][ T8700] batman_adv: batadv0: Adding interface: batadv_slave_0
[  215.441738][ T8700] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  215.453103][ T8700] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  215.458697][ T8700] batman_adv: batadv0: Adding interface: batadv_slave_1
[  215.461972][ T8700] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  215.472699][ T8700] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  215.515451][ T8694] batman_adv: batadv0: Adding interface: batadv_slave_0
[  215.518495][ T8694] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  215.529729][ T8694] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  215.555750][ T8694] batman_adv: batadv0: Adding interface: batadv_slave_1
[  215.559102][ T8694] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  215.570578][ T8694] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  215.576474][   T54] Bluetooth: hci0: command tx timeout
[  215.579267][ T5601] Bluetooth: hci1: command tx timeout
[  215.609288][ T5344] 8021q: adding VLAN 0 to HW filter on device eth13
[  215.617234][ T8700] hsr_slave_0: entered promiscuous mode
[  215.620316][ T8700] hsr_slave_1: entered promiscuous mode
[  215.623270][ T8700] debugfs: 'hsr0' already exists in 'hsr'
[  215.625715][ T8700] Cannot create hsr debugfs directory
[  215.715871][ T8694] hsr_slave_0: entered promiscuous mode
[  215.719093][ T8694] hsr_slave_1: entered promiscuous mode
[  215.722361][ T8694] debugfs: 'hsr0' already exists in 'hsr'
[  215.724757][ T8694] Cannot create hsr debugfs directory
[  215.731725][ T5601] Bluetooth: hci2: command tx timeout
[  215.946073][ T5466] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.963735][ T8692] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  215.970191][ T8692] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  215.974814][ T8692] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  215.981909][ T8692] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  216.007720][ T8692] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  216.013431][ T8692] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  216.017032][ T8692] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  216.025538][ T8692] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  216.029880][ T5344] 8021q: adding VLAN 0 to HW filter on device eth14
[  216.058727][ T5466] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.123964][ T5466] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.165270][ T8700] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  216.176947][ T8700] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  216.194106][ T5466] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.207754][ T8700] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  216.214438][ T8700] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  216.219571][ T8700] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  216.229236][ T8700] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  216.246713][ T8700] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  216.252303][ T8700] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  216.322426][ T8694] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  216.327648][ T8694] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  216.331960][ T8694] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  216.336624][ T8694] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  216.358180][ T8694] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  216.363008][ T8694] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  216.365751][ T8694] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  216.369539][ T8694] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  216.390569][ T5344] 8021q: adding VLAN 0 to HW filter on device eth15
[  216.411037][ T5466] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.427169][ T8692] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.471313][ T5466] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.481725][ T8692] 8021q: adding VLAN 0 to HW filter on device team0
[  216.496193][   T63] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.498591][   T63] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.509679][   T63] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.512978][   T63] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.538079][ T5466] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.566256][ T8700] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.587619][ T5466] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.610933][ T8692] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  216.620673][ T8700] 8021q: adding VLAN 0 to HW filter on device team0
[  216.648992][ T1111] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.652263][ T1111] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.685026][ T1111] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.688301][ T1111] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.728983][ T5344] 8021q: adding VLAN 0 to HW filter on device eth16
[  216.772865][ T8694] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.777716][ T5466] bridge_slave_1: left allmulticast mode
[  216.780105][ T5466] bridge_slave_1: left promiscuous mode
[  216.782942][ T5466] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.788081][ T5466] bridge_slave_0: left allmulticast mode
[  216.790427][ T5466] bridge_slave_0: left promiscuous mode
[  216.793660][ T5466] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.799611][ T5466] bridge_slave_1: left allmulticast mode
[  216.802161][ T5466] bridge_slave_1: left promiscuous mode
[  216.804512][ T5466] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.809637][ T5466] bridge_slave_0: left allmulticast mode
[  216.813236][ T5466] bridge_slave_0: left promiscuous mode
[  216.815867][ T5466] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.968852][ T5466] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  216.973861][ T5466] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  216.977390][ T5466] bond0 (unregistering): Released all slaves
[  217.045247][ T5466] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  217.049990][ T5466] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  217.054057][ T5466] bond0 (unregistering): Released all slaves
[  217.082821][ T8694] 8021q: adding VLAN 0 to HW filter on device team0
[  217.118046][   T29] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.121265][   T29] bridge0: port 1(bridge_slave_0) entered forwarding state
[  217.170957][   T63] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.174053][   T63] bridge0: port 2(bridge_slave_1) entered forwarding state
[  217.192483][ T8694] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  217.196862][ T8694] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  217.370184][ T8692] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.480052][ T5344] 8021q: adding VLAN 0 to HW filter on device eth17
[  217.515519][ T5466] hsr_slave_0: left promiscuous mode
[  217.519886][ T5466] hsr_slave_1: left promiscuous mode
[  217.525855][ T5466] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  217.532459][ T5466] batman_adv: batadv0: Removing interface: batadv_slave_0
[  217.552590][ T5466] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  217.555134][ T5466] batman_adv: batadv0: Removing interface: batadv_slave_1
[  217.561154][ T5466] hsr_slave_0: left promiscuous mode
[  217.565294][ T5466] hsr_slave_1: left promiscuous mode
[  217.568502][ T5466] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  217.574543][ T5466] batman_adv: batadv0: Removing interface: batadv_slave_0
[  217.577923][ T5466] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  217.581047][ T5466] batman_adv: batadv0: Removing interface: batadv_slave_1
[  217.590843][ T5466] veth1_macvtap: left promiscuous mode
[  217.593299][ T5466] veth0_macvtap: left promiscuous mode
[  217.595194][ T5466] veth1_vlan: left promiscuous mode
[  217.596926][ T5466] veth0_vlan: left promiscuous mode
[  217.599838][ T5466] veth1_macvtap: left promiscuous mode
[  217.601890][ T5466] veth0_macvtap: left promiscuous mode
[  217.603808][ T5466] veth1_vlan: left promiscuous mode
[  217.605940][ T5466] veth0_vlan: left promiscuous mode
[  217.652375][   T54] Bluetooth: hci0: command tx timeout
[  217.654343][ T5601] Bluetooth: hci1: command tx timeout
[  217.776248][ T5466] team0 (unregistering): Port device team_slave_1 removed
[  217.785935][ T5466] team0 (unregistering): Port device team_slave_0 removed
[  217.811739][ T5601] Bluetooth: hci2: command tx timeout
[  217.945432][ T5466] team0 (unregistering): Port device team_slave_1 removed
[  217.952584][ T5466] team0 (unregistering): Port device team_slave_0 removed
[  218.108518][ T8692] veth0_vlan: entered promiscuous mode
[  218.123931][ T8692] veth1_vlan: entered promiscuous mode
[  218.172023][ T8692] veth0_macvtap: entered promiscuous mode
[  218.179290][ T8692] veth1_macvtap: entered promiscuous mode
[  218.221388][ T8692] batman_adv: batadv0: Interface activated: batadv_slave_0
[  218.245906][ T8700] 8021q: adding VLAN 0 to HW filter on device batadv0
[  218.259066][ T8692] batman_adv: batadv0: Interface activated: batadv_slave_1
[  218.268679][ T8694] 8021q: adding VLAN 0 to HW filter on device batadv0
[  218.278624][   T13] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  218.291703][   T13] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  218.305332][ T7875] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  218.313846][ T7875] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  218.383566][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.396654][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  218.430948][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.438328][ T5344] 8021q: adding VLAN 0 to HW filter on device eth18
[  218.439702][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  218.542625][ T8694] veth0_vlan: entered promiscuous mode
[  218.567871][ T8694] veth1_vlan: entered promiscuous mode
[  218.604295][ T8700] veth0_vlan: entered promiscuous mode
[  218.622191][ T8700] veth1_vlan: entered promiscuous mode
[  218.629440][ T8694] veth0_macvtap: entered promiscuous mode
[  218.645127][ T8694] veth1_macvtap: entered promiscuous mode
[  218.676664][ T8694] batman_adv: batadv0: Interface activated: batadv_slave_0
[  218.686860][ T5344] 8021q: adding VLAN 0 to HW filter on device eth19
[  218.691168][ T8694] batman_adv: batadv0: Interface activated: batadv_slave_1
[  218.696058][ T8700] veth0_macvtap: entered promiscuous mode
[  218.709314][ T8700] veth1_macvtap: entered promiscuous mode
[  218.715574][ T5466] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  218.719498][ T5466] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  218.725859][ T5466] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  218.729150][ T5466] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  218.749118][ T8700] batman_adv: batadv0: Interface activated: batadv_slave_0
[  218.767993][ T8700] batman_adv: batadv0: Interface activated: batadv_slave_1
[  218.778696][ T5466] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  218.785162][ T5466] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  218.795168][ T5466] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  218.798111][ T5466] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  218.810023][   T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.816122][   T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  218.857666][   T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.861388][   T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  218.877145][   T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.885885][   T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  218.916614][ T1111] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.921988][ T1111] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  219.043972][ T5344] 8021q: adding VLAN 0 to HW filter on device eth20
[  219.289014][ T5344] 8021q: adding VLAN 0 to HW filter on device eth21
[  219.466699][ T5344] 8021q: adding VLAN 0 to HW filter on device eth22
[  219.667196][ T5344] 8021q: adding VLAN 0 to HW filter on device eth23
[  219.727442][ T8926] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  219.733198][   T54] Bluetooth: hci0: command tx timeout
[  219.735558][ T5601] Bluetooth: hci1: command tx timeout
[  219.890036][ T5344] 8021q: adding VLAN 0 to HW filter on device eth24
[  219.901920][ T5601] Bluetooth: hci2: command tx timeout
[  221.812196][   T54] Bluetooth: hci0: command tx timeout
[  221.814524][ T5601] Bluetooth: hci1: command tx timeout
[  221.972088][ T5601] Bluetooth: hci2: command tx timeout
[  223.134234][ T9044] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4216192048 (16864768192 ns) > initial count (2412091236 ns). Using initial count to start timer.
[  232.638237][ T9412] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3628202063 (464409864064 ns) > initial count (39566658176 ns). Using initial count to start timer.
[  235.677095][ T9489] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4216192048 (16864768192 ns) > initial count (2412091236 ns). Using initial count to start timer.
[  236.467202][ T9522] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  237.729711][ T9572] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  238.377089][ T9602] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4216192048 (16864768192 ns) > initial count (2412091236 ns). Using initial count to start timer.
[  242.419822][ T9702] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  244.155381][ T9769] kvm: user requested TSC rate below hardware speed
[  250.777910][ T9955] kvm: user requested TSC rate below hardware speed
[  255.641407][T10093] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  255.795317][T10098] kvm: user requested TSC rate below hardware speed
[  256.774412][T10118] kvm: kvm [10117]: vcpu0, guest rIP: 0x55d80 Unhandled WRMSR(0x186) = 0x3
[  256.894701][T10127] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  262.481235][T10323] kvm: kvm [10322]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc1) = 0xf8
[  294.992477][ T1380] ieee802154 phy0 wpan0: encryption failed: -22
[  294.995636][ T1380] ieee802154 phy1 wpan1: encryption failed: -22
[  295.314224][   T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  295.320657][   T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  295.324509][   T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  295.328906][   T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  295.332760][   T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  295.377964][ T5601] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  295.382056][ T5601] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  295.385189][ T5601] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  295.389202][ T5601] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  295.392484][ T5601] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  295.489675][   T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  295.496974][   T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  295.502992][   T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  295.510256][   T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  295.515377][   T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  295.952240][   T13] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.014520][   T13] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.113018][   T13] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.159756][   T13] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.246149][T10387] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.248755][T10387] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.251107][T10387] bridge_slave_0: entered allmulticast mode
[  296.254196][T10387] bridge_slave_0: entered promiscuous mode
[  296.277889][T10387] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.280762][T10387] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.283394][T10387] bridge_slave_1: entered allmulticast mode
[  296.286056][T10387] bridge_slave_1: entered promiscuous mode
[  296.341261][T10387] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  296.347421][T10387] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  296.398578][T10387] team0: Port device team_slave_0 added
[  296.416077][T10387] team0: Port device team_slave_1 added
[  296.418611][T10391] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.421103][T10391] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.423729][T10391] bridge_slave_0: entered allmulticast mode
[  296.426470][T10391] bridge_slave_0: entered promiscuous mode
[  296.447190][T10391] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.449700][T10391] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.452672][T10391] bridge_slave_1: entered allmulticast mode
[  296.455490][T10391] bridge_slave_1: entered promiscuous mode
[  296.504490][T10387] batman_adv: batadv0: Adding interface: batadv_slave_0
[  296.507401][T10387] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  296.518535][T10387] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  296.541208][T10391] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  296.560592][   T13] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.576190][T10387] batman_adv: batadv0: Adding interface: batadv_slave_1
[  296.578581][T10387] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  296.588048][T10387] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  296.593990][T10391] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  296.614996][   T13] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.627581][T10396] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.630457][T10396] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.633583][T10396] bridge_slave_0: entered allmulticast mode
[  296.636208][T10396] bridge_slave_0: entered promiscuous mode
[  296.659662][T10391] team0: Port device team_slave_0 added
[  296.661910][T10396] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.664620][T10396] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.667610][T10396] bridge_slave_1: entered allmulticast mode
[  296.670567][T10396] bridge_slave_1: entered promiscuous mode
[  296.690028][   T13] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.699176][T10391] team0: Port device team_slave_1 added
[  296.726420][T10387] hsr_slave_0: entered promiscuous mode
[  296.729535][T10387] hsr_slave_1: entered promiscuous mode
[  296.732614][T10387] debugfs: 'hsr0' already exists in 'hsr'
[  296.735074][T10387] Cannot create hsr debugfs directory
[  296.769247][   T13] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.778679][T10391] batman_adv: batadv0: Adding interface: batadv_slave_0
[  296.782464][T10391] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  296.794495][T10391] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  296.799481][T10391] batman_adv: batadv0: Adding interface: batadv_slave_1
[  296.801822][T10391] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  296.810677][T10391] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  296.827293][T10396] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  296.857973][T10396] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  296.894653][T10391] hsr_slave_0: entered promiscuous mode
[  296.899312][T10391] hsr_slave_1: entered promiscuous mode
[  296.902589][T10391] debugfs: 'hsr0' already exists in 'hsr'
[  296.905015][T10391] Cannot create hsr debugfs directory
[  296.964406][T10396] team0: Port device team_slave_0 added
[  296.973193][T10396] team0: Port device team_slave_1 added
[  296.999051][ T5344] 8021q: adding VLAN 0 to HW filter on device eth25
[  297.046971][T10396] batman_adv: batadv0: Adding interface: batadv_slave_0
[  297.050926][T10396] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  297.060010][T10396] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  297.066747][T10396] batman_adv: batadv0: Adding interface: batadv_slave_1
[  297.069649][T10396] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  297.080378][T10396] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  297.227868][T10396] hsr_slave_0: entered promiscuous mode
[  297.230959][T10396] hsr_slave_1: entered promiscuous mode
[  297.233952][T10396] debugfs: 'hsr0' already exists in 'hsr'
[  297.236527][T10396] Cannot create hsr debugfs directory
[  297.266171][   T13] bridge_slave_1: left allmulticast mode
[  297.268277][   T13] bridge_slave_1: left promiscuous mode
[  297.270320][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.274727][   T13] bridge_slave_0: left allmulticast mode
[  297.276744][   T13] bridge_slave_0: left promiscuous mode
[  297.278798][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.289145][   T13] bridge_slave_1: left allmulticast mode
[  297.292002][   T13] bridge_slave_1: left promiscuous mode
[  297.294566][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.300641][   T13] bridge_slave_0: left allmulticast mode
[  297.304461][   T13] bridge_slave_0: left promiscuous mode
[  297.306565][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.421733][ T5601] Bluetooth: hci4: command tx timeout
[  297.422104][   T54] Bluetooth: hci3: command tx timeout
[  297.507701][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  297.517306][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  297.522074][   T13] bond0 (unregistering): Released all slaves
[  297.573696][   T54] Bluetooth: hci5: command tx timeout
[  297.625368][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  297.630605][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  297.635399][   T13] bond0 (unregistering): Released all slaves
[  297.868059][T10387] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  297.885911][T10387] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  297.892453][T10387] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  297.897754][T10387] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  297.946615][T10387] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  297.968440][T10387] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  297.990995][ T5344] 8021q: adding VLAN 0 to HW filter on device eth26
[  297.994072][T10387] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  298.000163][T10387] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  298.083944][T10387] 8021q: adding VLAN 0 to HW filter on device bond0
[  298.094465][T10387] 8021q: adding VLAN 0 to HW filter on device team0
[  298.107953][ T1113] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.110937][ T1113] bridge0: port 1(bridge_slave_0) entered forwarding state
[  298.140375][ T1113] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.143310][ T1113] bridge0: port 2(bridge_slave_1) entered forwarding state
[  298.156609][ T5344] 8021q: adding VLAN 0 to HW filter on device eth27
[  298.167550][   T13] hsr_slave_0: left promiscuous mode
[  298.174249][   T13] hsr_slave_1: left promiscuous mode
[  298.177258][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  298.180484][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  298.184693][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  298.187887][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  298.197852][   T13] hsr_slave_0: left promiscuous mode
[  298.200706][   T13] hsr_slave_1: left promiscuous mode
[  298.203754][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  298.206959][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  298.210716][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  298.214809][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  298.230004][   T13] veth1_macvtap: left promiscuous mode
[  298.232768][   T13] veth0_macvtap: left promiscuous mode
[  298.235347][   T13] veth1_vlan: left promiscuous mode
[  298.237635][   T13] veth0_vlan: left promiscuous mode
[  298.241455][   T13] veth1_macvtap: left promiscuous mode
[  298.244056][   T13] veth0_macvtap: left promiscuous mode
[  298.246466][   T13] veth1_vlan: left promiscuous mode
[  298.248700][   T13] veth0_vlan: left promiscuous mode
[  298.499994][   T13] team0 (unregistering): Port device team_slave_1 removed
[  298.529698][   T13] team0 (unregistering): Port device team_slave_0 removed
[  298.766116][   T13] team0 (unregistering): Port device team_slave_1 removed
[  298.779762][   T13] team0 (unregistering): Port device team_slave_0 removed
[  299.255621][ T5344] 8021q: adding VLAN 0 to HW filter on device eth28
[  299.343947][T10391] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  299.363407][T10391] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  299.367503][T10391] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  299.378688][T10391] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  299.437718][T10391] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  299.446590][T10391] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  299.455766][T10391] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  299.462605][T10391] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  299.475980][T10387] 8021q: adding VLAN 0 to HW filter on device batadv0
[  299.491801][   T54] Bluetooth: hci4: command tx timeout
[  299.491840][ T5601] Bluetooth: hci3: command tx timeout
[  299.651842][ T5601] Bluetooth: hci5: command tx timeout
[  299.718141][   T13] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.761143][T10391] 8021q: adding VLAN 0 to HW filter on device bond0
[  299.766030][ T5344] 8021q: adding VLAN 0 to HW filter on device eth29
[  299.799399][   T13] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.827883][T10391] 8021q: adding VLAN 0 to HW filter on device team0
[  299.849683][ T1111] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.852912][ T1111] bridge0: port 1(bridge_slave_0) entered forwarding state
[  299.869791][ T1111] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.873070][ T1111] bridge0: port 2(bridge_slave_1) entered forwarding state
[  299.888843][   T13] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.946300][   T13] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.976099][T10387] veth0_vlan: entered promiscuous mode
[  300.019536][T10387] veth1_vlan: entered promiscuous mode
[  300.060181][T10396] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  300.075653][T10396] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  300.084359][T10396] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  300.092954][T10396] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  300.110349][ T5344] 8021q: adding VLAN 0 to HW filter on device eth30
[  300.112871][T10396] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  300.117864][T10396] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  300.121346][T10396] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  300.126914][T10396] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  300.225996][   T13] bridge_slave_1: left allmulticast mode
[  300.228391][   T13] bridge_slave_1: left promiscuous mode
[  300.230862][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.241402][   T13] bridge_slave_0: left allmulticast mode
[  300.244891][   T13] bridge_slave_0: left promiscuous mode
[  300.247412][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.377130][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  300.383862][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  300.388676][   T13] bond0 (unregistering): Released all slaves
[  300.405007][T10387] veth0_macvtap: entered promiscuous mode
[  300.422621][T10387] veth1_macvtap: entered promiscuous mode
[  300.528832][T10387] batman_adv: batadv0: Interface activated: batadv_slave_0
[  300.538697][T10387] batman_adv: batadv0: Interface activated: batadv_slave_1
[  300.558209][   T12] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  300.576752][   T12] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  300.604071][   T12] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  300.613494][   T12] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  300.658884][T10396] 8021q: adding VLAN 0 to HW filter on device bond0
[  300.739840][   T13] hsr_slave_0: left promiscuous mode
[  300.748636][   T13] hsr_slave_1: left promiscuous mode
[  300.754890][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  300.761753][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  300.765737][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  300.768225][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  300.776988][   T13] veth1_macvtap: left promiscuous mode
[  300.779418][   T13] veth0_macvtap: left promiscuous mode
[  300.782146][   T13] veth1_vlan: left promiscuous mode
[  300.784525][   T13] veth0_vlan: left promiscuous mode
[  300.983265][   T13] team0 (unregistering): Port device team_slave_1 removed
[  301.000234][   T13] team0 (unregistering): Port device team_slave_0 removed
[  301.087472][ T5344] 8021q: adding VLAN 0 to HW filter on device eth31
[  301.120134][T10396] 8021q: adding VLAN 0 to HW filter on device team0
[  301.131211][T10391] 8021q: adding VLAN 0 to HW filter on device batadv0
[  301.150054][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.157081][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.157810][ T1111] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.163298][ T1111] bridge0: port 1(bridge_slave_0) entered forwarding state
[  301.175077][ T1111] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.177546][ T1111] bridge0: port 2(bridge_slave_1) entered forwarding state
[  301.229456][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.238578][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.300547][T10391] veth0_vlan: entered promiscuous mode
[  301.320036][T10391] veth1_vlan: entered promiscuous mode
[  301.380247][T10391] veth0_macvtap: entered promiscuous mode
[  301.392687][T10391] veth1_macvtap: entered promiscuous mode
[  301.415991][T10391] batman_adv: batadv0: Interface activated: batadv_slave_0
[  301.433086][T10391] batman_adv: batadv0: Interface activated: batadv_slave_1
[  301.446100][ T5466] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.449141][ T5466] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  301.464270][ T5466] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  301.476770][ T5466] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  301.573956][ T5601] Bluetooth: hci4: command tx timeout
[  301.574024][   T54] Bluetooth: hci3: command tx timeout
[  301.582006][ T5344] 8021q: adding VLAN 0 to HW filter on device eth32
[  301.597132][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.607094][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.658974][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.666597][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.732433][   T54] Bluetooth: hci5: command tx timeout
[  301.748728][T10396] 8021q: adding VLAN 0 to HW filter on device batadv0
[  301.795491][T10396] veth0_vlan: entered promiscuous mode
[  301.815177][T10396] veth1_vlan: entered promiscuous mode
[  301.863790][T10396] veth0_macvtap: entered promiscuous mode
[  301.884995][T10396] veth1_macvtap: entered promiscuous mode
[  301.913626][T10396] batman_adv: batadv0: Interface activated: batadv_slave_0
[  301.929694][T10396] batman_adv: batadv0: Interface activated: batadv_slave_1
[  301.952783][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.963750][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  301.985833][   T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  301.995243][   T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  302.122000][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  302.126055][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  302.173648][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  302.177437][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  303.651725][   T54] Bluetooth: hci4: command tx timeout
[  303.662062][   T54] Bluetooth: hci3: command tx timeout
[  303.812870][   T54] Bluetooth: hci5: command tx timeout
[  304.614442][T10670] KVM: debugfs: duplicate directory 10670-4
[  307.307643][ T5344] 8021q: adding VLAN 0 to HW filter on device eth1
[  307.511131][ T5344] 8021q: adding VLAN 0 to HW filter on device eth2
[  307.709963][ T5344] 8021q: adding VLAN 0 to HW filter on device eth3
[  307.867833][ T5344] 8021q: adding VLAN 0 to HW filter on device eth4
[  317.993697][T11094] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4216192048 (16864768192 ns) > initial count (2412091236 ns). Using initial count to start timer.
[  318.580806][T11107] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  320.081544][T11170] kvm: kvm [11169]: vcpu0, guest rIP: 0x55d80 Unhandled WRMSR(0x186) = 0x3
[  320.093461][T11170] kvm: kvm [11169]: vcpu0, guest rIP: 0x55d80 Unhandled WRMSR(0x186) = 0x3
[  320.099637][T11170] kvm: kvm [11169]: vcpu0, guest rIP: 0x55d80 Unhandled WRMSR(0x186) = 0x3
[  320.109431][T11170] kvm: kvm [11169]: vcpu0, guest rIP: 0x55d80 Unhandled WRMSR(0x186) = 0x3
[  320.115337][T11170] kvm: kvm [11169]: vcpu0, guest rIP: 0x55d80 Unhandled WRMSR(0x186) = 0x3
[  320.118260][T11170] kvm: kvm [11169]: vcpu0, guest rIP: 0x55d80 Unhandled WRMSR(0x186) = 0x3
[  320.121335][T11170] kvm: kvm [11169]: vcpu0, guest rIP: 0x55d80 Unhandled WRMSR(0x186) = 0x3
[  320.129663][T11170] kvm: kvm [11169]: vcpu0, guest rIP: 0x55d80 Unhandled WRMSR(0x186) = 0x3
[  320.141457][T11170] kvm: kvm [11169]: vcpu0, guest rIP: 0x55d80 Unhandled WRMSR(0x186) = 0x3
[  320.146970][T11170] kvm: kvm [11169]: vcpu0, guest rIP: 0x55d80 Unhandled WRMSR(0x186) = 0x3
[  320.764884][T11211] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4216192048 (16864768192 ns) > initial count (2412091236 ns). Using initial count to start timer.
[  322.509953][T11283] KVM: debugfs: duplicate directory 11283-20
[  324.150082][T11329] kvm: user requested TSC rate below hardware speed
[  333.034666][T11392] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  343.537682][T11659] kvm: user requested TSC rate below hardware speed
[  346.237423][T11730] kvm: user requested TSC rate below hardware speed
[  353.370405][T11954] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  353.504279][T11957] kvm_pr_unimpl_wrmsr: 24 callbacks suppressed
[  353.513307][T11957] kvm: kvm [11947]: vcpu0, guest rIP: 0x510e Unhandled WRMSR(0xc2) = 0x4c0b5c8000000301
[  498.086324][    C0] watchdog: BUG: soft lockup - CPU#0 stuck for 133s! [syz.9.1256:12038]
[  498.086341][    C0] Modules linked in:
[  498.086349][    C0] irq event stamp: 2492615
[  498.086353][    C0] hardirqs last  enabled at (2492614): [<ffffffff8187ef98>] handle_softirqs+0x158/0x840
[  498.086377][    C0] hardirqs last disabled at (2492615): [<ffffffff8ba84bce>] sysvec_apic_timer_interrupt+0xe/0xc0
[  498.086391][    C0] softirqs last  enabled at (7010): [<ffffffff8187f96a>] __irq_exit_rcu+0xca/0x220
[  498.086402][    C0] softirqs last disabled at (2492613): [<ffffffff8187f96a>] __irq_exit_rcu+0xca/0x220
[  498.086418][    C0] CPU: 0 UID: 0 PID: 12038 Comm: syz.9.1256 Not tainted syzkaller #0 PREEMPT(full) 
[  498.086428][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  498.086434][    C0] RIP: 0010:handle_softirqs+0x160/0x840
[  498.086445][    C0] Code: 89 6c 24 20 0f b7 db 48 c7 c7 20 1d cb 8b e8 d7 81 20 0a 65 66 c7 05 a5 10 b1 11 00 00 e8 08 08 46 00 fb 48 c7 c5 c0 a0 60 8e <b8> ff ff ff ff 0f bc c3 41 89 c6 41 ff c6 0f 84 09 04 00 00 89 5c
[  498.086452][    C0] RSP: 0018:ffffc90000007f28 EFLAGS: 00000206
[  498.086460][    C0] RAX: 00000000002608c6 RBX: 0000000000000008 RCX: 0000000080000101
[  498.086467][    C0] RDX: 0000000000000002 RSI: ffffffff8dfa5c57 RDI: ffffffff8c28ac60
[  498.086472][    C0] RBP: ffffffff8e60a0c0 R08: ffffffff9030a7f7 R09: 1ffffffff20614fe
[  498.086479][    C0] R10: dffffc0000000000 R11: fffffbfff20614ff R12: 0000000000000000
[  498.086484][    C0] R13: 0000000000000000 R14: ffff888119f88000 R15: dffffc0000000000
[  498.086491][    C0] FS:  00007f91ede2f6c0(0000) GS:ffff88818dc90000(0000) knlGS:0000000000000000
[  498.086498][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  498.086504][    C0] CR2: 0000000000000000 CR3: 0000000102349000 CR4: 0000000000352ef0
[  498.086537][    C0] DR0: 00000000000000bb DR1: 0000000000000000 DR2: 0000000000000000
[  498.086544][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  498.086550][    C0] Call Trace:
[  498.086558][    C0]  <IRQ>
[  498.086566][    C0]  ? __irq_exit_rcu+0xca/0x220
[  498.086580][    C0]  __irq_exit_rcu+0xca/0x220
[  498.086590][    C0]  irq_exit_rcu+0x9/0x30
[  498.086599][    C0]  common_interrupt+0xbb/0xe0
[  498.086609][    C0]  </IRQ>
[  498.086612][    C0]  <TASK>
[  498.086617][    C0]  asm_common_interrupt+0x26/0x40
[  498.086627][    C0] RIP: 0010:vcpu_run+0x5a02/0x7860
[  498.086641][    C0] Code: 4c 8b a4 24 28 01 00 00 4c 89 e3 48 c1 eb 03 42 0f b6 04 3b 84 c0 0f 85 1c 0b 00 00 41 c6 04 24 01 e8 a2 fb 85 00 fb 4c 89 f0 <48> c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 9b 0b e9 00 49 ff 06
[  498.086648][    C0] RSP: 0018:ffffc9000944f5e0 EFLAGS: 00000206
[  498.086658][    C0] RAX: ffff888114b4c720 RBX: 1ffff110229696bf RCX: 0000000080000001
[  498.086665][    C0] RDX: 0000000000000006 RSI: ffffffff8dfa5c57 RDI: ffffffff8c28ac60
[  498.086673][    C0] RBP: ffffc9000944f9b0 R08: ffffffff9030a7f7 R09: 1ffffffff20614fe
[  498.086680][    C0] R10: dffffc0000000000 R11: fffffbfff20614ff R12: ffff888114b4b5fa
[  498.086686][    C0] R13: ffff888114b4a9c0 R14: ffff888114b4c720 R15: dffffc0000000000
[  498.086713][    C0]  ? vcpu_run+0x4982/0x7860
[  498.086754][    C0]  ? __pfx_vcpu_run+0x10/0x10
[  498.086770][    C0]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  498.086785][    C0]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  498.086799][    C0]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  498.086817][    C0]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  498.086841][    C0]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  498.086855][    C0]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  498.086875][    C0]  ? __lock_acquire+0x6b5/0x2cf0
[  498.086886][    C0]  ? __mutex_lock+0x319/0x1550
[  498.086902][    C0]  ? kasan_quarantine_put+0xbb/0x1f0
[  498.086921][    C0]  ? do_raw_write_lock+0x11d/0x260
[  498.086946][    C0]  kvm_vcpu_ioctl+0xa62/0xfd0
[  498.086962][    C0]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  498.086973][    C0]  ? do_futex+0x333/0x420
[  498.086993][    C0]  ? __fget_files+0x2a/0x420
[  498.087010][    C0]  ? __fget_files+0x2a/0x420
[  498.087020][    C0]  ? __fget_files+0x3a0/0x420
[  498.087030][    C0]  ? __fget_files+0x2a/0x420
[  498.087042][    C0]  ? bpf_lsm_file_ioctl+0x9/0x20
[  498.087062][    C0]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  498.087076][    C0]  __se_sys_ioctl+0xfc/0x170
[  498.087093][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.087104][    C0]  do_syscall_64+0x15f/0xf80
[  498.087115][    C0]  ? trace_irq_disable+0x3b/0x140
[  498.087128][    C0]  ? clear_bhb_loop+0x40/0x90
[  498.087141][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.087150][    C0] RIP: 0033:0x7f91ecf9cdd9
[  498.087160][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  498.087167][    C0] RSP: 002b:00007f91ede2f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  498.087177][    C0] RAX: ffffffffffffffda RBX: 00007f91ed215fa0 RCX: 00007f91ecf9cdd9
[  498.087183][    C0] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  498.087190][    C0] RBP: 00007f91ed032d69 R08: 0000000000000000 R09: 0000000000000000
[  498.087196][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  498.087202][    C0] R13: 00007f91ed216038 R14: 00007f91ed215fa0 R15: 00007ffe10807ac8
[  498.087219][    C0]  </TASK>
[  498.087224][    C0] Sending NMI from CPU 0 to CPUs 1:
[  498.281418][    C1] NMI backtrace for cpu 1
[  498.281436][    C1] CPU: 1 UID: 0 PID: 12032 Comm: syz.1.1254 Not tainted syzkaller #0 PREEMPT(full) 
[  498.281448][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  498.281455][    C1] RIP: 0010:vmx_do_nmi_irqoff+0x13/0x20
[  498.281475][    C1] Code: ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 48 89 e5 48 83 e4 f0 6a 18 55 9c 6a 10 e8 ad 13 58 f5 <c9> c3 cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  498.281484][    C1] RSP: 0018:ffffc90008da74a0 EFLAGS: 00000086
[  498.281495][    C1] RAX: 0000000080000200 RBX: ffff88810961d380 RCX: 0000000000000000
[  498.281501][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff88810961d380
[  498.281507][    C1] RBP: ffffc90008da74a0 R08: 0000000000000001 R09: 0000000000000000
[  498.281513][    C1] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88810961f3c8
[  498.281519][    C1] R13: dffffc0000000000 R14: ffffffff815d2180 R15: ffff88810961d380
[  498.281526][    C1] FS:  00007fd8576f76c0(0000) GS:ffff8882a9290000(0000) knlGS:0000000000000000
[  498.281534][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  498.281540][    C1] CR2: 0000000000000000 CR3: 0000000119fc9000 CR4: 0000000000352ef0
[  498.281571][    C1] DR0: 00000000000000bb DR1: 0000000000000000 DR2: 0000000000000000
[  498.281578][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  498.281583][    C1] Call Trace:
[  498.281589][    C1]  <TASK>
[  498.281594][    C1]  vmx_handle_nmi+0xe1/0xf0
[  498.281607][    C1]  vmx_vcpu_enter_exit+0x11a/0x1f0
[  498.281620][    C1]  vmx_vcpu_run+0xfb0/0x3520
[  498.281632][    C1]  ? __pfx_vmx_vcpu_run+0x10/0x10
[  498.281641][    C1]  ? kvm_mediated_pmu_load+0xc7/0x7d0
[  498.281654][    C1]  vcpu_run+0x533d/0x7860
[  498.281671][    C1]  ? vcpu_run+0x4982/0x7860
[  498.281698][    C1]  ? __pfx_vcpu_run+0x10/0x10
[  498.281712][    C1]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  498.281728][    C1]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  498.281741][    C1]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  498.281755][    C1]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  498.281772][    C1]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  498.281784][    C1]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  498.281798][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[  498.281809][    C1]  ? __mutex_lock+0x319/0x1550
[  498.281824][    C1]  ? kasan_quarantine_put+0xbb/0x1f0
[  498.281842][    C1]  ? do_raw_write_lock+0x11d/0x260
[  498.281860][    C1]  kvm_vcpu_ioctl+0xa62/0xfd0
[  498.281881][    C1]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  498.281894][    C1]  ? do_futex+0x333/0x420
[  498.281908][    C1]  ? __fget_files+0x2a/0x420
[  498.281919][    C1]  ? __fget_files+0x2a/0x420
[  498.281927][    C1]  ? __fget_files+0x3a0/0x420
[  498.281936][    C1]  ? __fget_files+0x2a/0x420
[  498.281945][    C1]  ? bpf_lsm_file_ioctl+0x9/0x20
[  498.281957][    C1]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  498.281967][    C1]  __se_sys_ioctl+0xfc/0x170
[  498.281983][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.281992][    C1]  do_syscall_64+0x15f/0xf80
[  498.282004][    C1]  ? trace_irq_disable+0x3b/0x140
[  498.282016][    C1]  ? clear_bhb_loop+0x40/0x90
[  498.282026][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.282038][    C1] RIP: 0033:0x7fd85679cdd9
[  498.282050][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  498.282057][    C1] RSP: 002b:00007fd8576f7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  498.282067][    C1] RAX: ffffffffffffffda RBX: 00007fd856a15fa0 RCX: 00007fd85679cdd9
[  498.282074][    C1] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000b
[  498.282079][    C1] RBP: 00007fd856832d69 R08: 0000000000000000 R09: 0000000000000000
[  498.282085][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  498.282090][    C1] R13: 00007fd856a16038 R14: 00007fd856a15fa0 R15: 00007fff18cc1638
[  498.282101][    C1]  </TASK>
[  498.430940][    C0] Kernel panic - not syncing: softlockup: hung tasks
[  498.433516][    C0] CPU: 0 UID: 0 PID: 12038 Comm: syz.9.1256 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  498.437865][    C0] Tainted: [L]=SOFTLOCKUP
[  498.439614][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  498.443379][    C0] Call Trace:
[  498.444761][    C0]  <IRQ>
[  498.445896][    C0]  vpanic+0x56c/0xa60
[  498.447483][    C0]  ? __pfx_vpanic+0x10/0x10
[  498.449183][    C0]  ? __pfx_console_unlock+0x10/0x10
[  498.451346][    C0]  ? _raw_spin_unlock_irqrestore+0x10/0x80
[  498.453770][    C0]  panic+0xc5/0xd0
[  498.455143][    C0]  ? __pfx_panic+0x10/0x10
[  498.456916][    C0]  ? printk_trigger_flush+0x13d/0x180
[  498.459092][    C0]  watchdog_timer_fn+0x785/0x790
[  498.461192][    C0]  ? __pfx_watchdog_timer_fn+0x10/0x10
[  498.463402][    C0]  __hrtimer_run_queues+0x375/0xa20
[  498.465460][    C0]  hrtimer_interrupt+0x44b/0x950
[  498.467424][    C0]  __sysvec_apic_timer_interrupt+0x102/0x430
[  498.469858][    C0]  sysvec_apic_timer_interrupt+0x52/0xc0
[  498.472059][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  498.474473][    C0] RIP: 0010:handle_softirqs+0x160/0x840
[  498.476670][    C0] Code: 89 6c 24 20 0f b7 db 48 c7 c7 20 1d cb 8b e8 d7 81 20 0a 65 66 c7 05 a5 10 b1 11 00 00 e8 08 08 46 00 fb 48 c7 c5 c0 a0 60 8e <b8> ff ff ff ff 0f bc c3 41 89 c6 41 ff c6 0f 84 09 04 00 00 89 5c
[  498.484378][    C0] RSP: 0018:ffffc90000007f28 EFLAGS: 00000206
[  498.486856][    C0] RAX: 00000000002608c6 RBX: 0000000000000008 RCX: 0000000080000101
[  498.490054][    C0] RDX: 0000000000000002 RSI: ffffffff8dfa5c57 RDI: ffffffff8c28ac60
[  498.493171][    C0] RBP: ffffffff8e60a0c0 R08: ffffffff9030a7f7 R09: 1ffffffff20614fe
[  498.496276][    C0] R10: dffffc0000000000 R11: fffffbfff20614ff R12: 0000000000000000
[  498.499379][    C0] R13: 0000000000000000 R14: ffff888119f88000 R15: dffffc0000000000
[  498.502389][    C0]  ? handle_softirqs+0x158/0x840
[  498.504283][    C0]  ? __irq_exit_rcu+0xca/0x220
[  498.506261][    C0]  __irq_exit_rcu+0xca/0x220
[  498.508027][    C0]  irq_exit_rcu+0x9/0x30
[  498.509732][    C0]  common_interrupt+0xbb/0xe0
[  498.511547][    C0]  </IRQ>
[  498.512706][    C0]  <TASK>
[  498.513933][    C0]  asm_common_interrupt+0x26/0x40
[  498.515910][    C0] RIP: 0010:vcpu_run+0x5a02/0x7860
[  498.517966][    C0] Code: 4c 8b a4 24 28 01 00 00 4c 89 e3 48 c1 eb 03 42 0f b6 04 3b 84 c0 0f 85 1c 0b 00 00 41 c6 04 24 01 e8 a2 fb 85 00 fb 4c 89 f0 <48> c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 9b 0b e9 00 49 ff 06
[  498.525502][    C0] RSP: 0018:ffffc9000944f5e0 EFLAGS: 00000206
[  498.527925][    C0] RAX: ffff888114b4c720 RBX: 1ffff110229696bf RCX: 0000000080000001
[  498.531073][    C0] RDX: 0000000000000006 RSI: ffffffff8dfa5c57 RDI: ffffffff8c28ac60
[  498.534100][    C0] RBP: ffffc9000944f9b0 R08: ffffffff9030a7f7 R09: 1ffffffff20614fe
[  498.537128][    C0] R10: dffffc0000000000 R11: fffffbfff20614ff R12: ffff888114b4b5fa
[  498.540216][    C0] R13: ffff888114b4a9c0 R14: ffff888114b4c720 R15: dffffc0000000000
[  498.543551][    C0]  ? vcpu_run+0x4982/0x7860
[  498.545394][    C0]  ? __pfx_vcpu_run+0x10/0x10
[  498.547316][    C0]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  498.549575][    C0]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  498.551806][    C0]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  498.553863][    C0]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  498.556159][    C0]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  498.558512][    C0]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  498.560858][    C0]  ? __lock_acquire+0x6b5/0x2cf0
[  498.563998][    C0]  ? __mutex_lock+0x319/0x1550
[  498.566003][    C0]  ? kasan_quarantine_put+0xbb/0x1f0
[  498.568209][    C0]  ? do_raw_write_lock+0x11d/0x260
[  498.570343][    C0]  kvm_vcpu_ioctl+0xa62/0xfd0
[  498.572276][    C0]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  498.574380][    C0]  ? do_futex+0x333/0x420
[  498.575962][    C0]  ? __fget_files+0x2a/0x420
[  498.577631][    C0]  ? __fget_files+0x2a/0x420
[  498.579520][    C0]  ? __fget_files+0x3a0/0x420
[  498.581515][    C0]  ? __fget_files+0x2a/0x420
[  498.583421][    C0]  ? bpf_lsm_file_ioctl+0x9/0x20
[  498.585432][    C0]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  498.587650][    C0]  __se_sys_ioctl+0xfc/0x170
[  498.589561][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.592058][    C0]  do_syscall_64+0x15f/0xf80
[  498.593924][    C0]  ? trace_irq_disable+0x3b/0x140
[  498.596012][    C0]  ? clear_bhb_loop+0x40/0x90
[  498.597944][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.600441][    C0] RIP: 0033:0x7f91ecf9cdd9
[  498.602257][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  498.610085][    C0] RSP: 002b:00007f91ede2f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  498.613433][    C0] RAX: ffffffffffffffda RBX: 00007f91ed215fa0 RCX: 00007f91ecf9cdd9
[  498.616647][    C0] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  498.619932][    C0] RBP: 00007f91ed032d69 R08: 0000000000000000 R09: 0000000000000000
[  498.623154][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  498.626370][    C0] R13: 00007f91ed216038 R14: 00007f91ed215fa0 R15: 00007ffe10807ac8
[  498.629567][    C0]  </TASK>
[  498.632015][    C0] Kernel Offset: disabled
[  498.633799][    C0] Rebooting in 86400 seconds..
